Alarm bells ring over Cisco Nexus devices zero-day despite low CVSS score – TechCentral.ie

Alarm bells ring over Cisco Nexus devices zero-day despite low CVSS score – TechCentral.ie

A threat actor linked to China is exploiting a zero-day vulnerability in Cisco NX-OS software. Known as Velvet Ant, the actor is targeting a command injection vulnerability affecting various Cisco Nexus devices. The vulnerability, CVE-2024-20399, has a CVSS score of 6.0, with the threat actor deploying custom malware. Sygnia researchers uncovered the exploit during an … Read more

Concerns raised over zero-day vulnerability in Cisco Nexus devices, despite low CVSS score

Concerns raised over zero-day vulnerability in Cisco Nexus devices, despite low CVSS score

A suspected threat actor with ties to China, known as Velvet Ant, has been actively exploiting a zero-day vulnerability in Cisco NX-OS software, according to researchers at Sygnia. The vulnerability, identified as CVE-2024-20399, affects a wide range of Cisco Nexus devices and has a CVSS score of 6.0. The threat actor is highly sophisticated and … Read more