Cisco

In April 2024, the China-linked APT group Velvet Ant exploited the zero-day vulnerability CVE-2024-20399 in Cisco switches to deploy custom malware, gaining control over the network devices. Attackers with valid administrator credentials executed commands as root, bypassing security measures and installing the 'VELVETSHELL' malware for persistent access and espionage. The malware provided capabilities for command execution, file management, and creating traffic tunnels, compromising the integrity of Cisco's network infrastructure and potentially leading to data exfiltration.

Source: https://securityaffairs.com/167423/apt/china-velvet-ant-zero-day-cisco-switches.html

"id": "cis000082424",
"linkid": "cisco",
"type": "Vulnerability",
"date": "8/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"