The US Cybersecurity and Infrastructure Security Agency (CISA) has added the Cisco NX-OS command injection bug, known as CVE-2024-20399, to its Catalog of Known Exploited Vulnerabilities (KEV). The vulnerability, with a CVSS score of 6.0, allows authenticated local attackers to execute arbitrary commands on vulnerable switches as root. The issue was first observed by cybersecurity … Read more
Security researchers at the University of California have discovered a new high-precision attack called “Indirector” that targets vulnerabilities in the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) of high-end Intel CPUs like Raptor Lake and Alder Lake. This attack bypasses current defenses and compromises CPU security by exploiting weaknesses in these components. The … Read more
Researchers from the University of California have introduced a new high-precision Branch Target Injection (BTI) attack called “Indirector” that targets vulnerabilities in the Indirect Branch Predictor (IBP) and Branch Target Buffer (BTB) of Intel CPUs, specifically those from the Raptor Lake and Alder Lake generations. The attack, named Indirector, was developed by security researchers Luyi … Read more
A critical vulnerability has been identified in the command line interface (CLI) of Cisco NX operating system, allowing attackers to execute arbitrary commands as root on affected devices. This zero-day flaw, known as CVE-2024-20399, poses a significant threat to network security, especially for organizations using Cisco Nexus and MDS series switches. The vulnerability stems from … Read more