China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches
China-linked APT Velvet Ant Exploited Zero-Day to Compromise Cisco Nexus Switches
24 August 2024
The China-linked APT group Velvet Ant exploited a zero-day vulnerability in Cisco switches, CVE-2024-20399, to take control of network devices. The flaw in Cisco NX-OS Software's CLI enabled attackers with Admin credentials to run arbitrary commands.