Chinese-linked advanced persistent threat group utilized a vulnerability in Cisco NX-OS to distribute customized malware

Chinese-linked advanced persistent threat group utilized a vulnerability in Cisco NX-OS to distribute customized malware

A China-linked group, Velvet Ant, exploited a zero-day vulnerability in Cisco NX-OS software, leading to the deployment of custom malware on vulnerable switches. The flaw, identified as CVE-2024-20399 with a CVSS score of 6.0, allowed attackers to execute arbitrary commands as root within the operating system of affected devices. Only attackers with administrator credentials could … Read more