CVE-2024-20399

Vulnerability updated 22 days ago (2024-11-29T14:42:55.263Z)

Download STIX

Preview STIX

CVE-2024-20399 is a significant software vulnerability that was discovered in Cisco's Nexus Switch Devices. The flaw, rated with a CVSS score of 6.0, enables authenticated attackers to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability has been exploited by the China-Nexus threat group known as 'Velvet Ant,' leading to potential security breaches and system compromises. The exploitation of this vulnerability by 'Velvet Ant' led to a critical advisory from Sygnia for mitigation and response. The group targeted and compromised users by exploiting OS command injection defects in network edge devices, specifically leveraging the CVE-2024-20399 vulnerability. The incident highlights the risk posed by such vulnerabilities and emphasizes the need for timely detection, patching, and mitigation strategies to prevent future attacks. In response to these threat actor campaigns, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a new Secure by Design Alert titled "Eliminating OS Command Injection Vulnerabilities." This alert aims to raise awareness about the dangers of OS command injection vulnerabilities like CVE-2024-20399 and provides guidance on how to eliminate such weaknesses in network edge devices to enhance overall cybersecurity.

Description last updated: 2024-07-11T04:15:42.181Z

What's your take? (Question 1 of 2)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Cisco

Exploit

Vulnerability

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the CVE-2024-20399 Vulnerability was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securityaffairs	a month ago	U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers
Securityaffairs	3 months ago	China-linked APT group Salt Typhoon compromised some US ISPs
Securityaffairs	4 months ago	China-linked APT Velvet Ant exploited zero-day to compromise Cisco switches
DARKReading	5 months ago	CISA, FBI Warn of OS Command-Injection Vulnerabilities
InfoSecurity-magazine	5 months ago	CISA Urges Software Makers to Eliminate OS Command Injection Flaws
CISA	5 months ago	CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities \| CISA
Securityaffairs	5 months ago	U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog
Securityaffairs	5 months ago	CISA adds Cisco NX-OS Command Injection bug to its Known Exploited Vulnerabilities catalog
Securityaffairs	5 months ago	Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION
BankInfoSecurity	6 months ago	Cisco Patches an Exploited Zero-Day Vulnerability
CISA	6 months ago	CISA Adds One Known Exploited Vulnerability to Catalog \| CISA
DARKReading	6 months ago	Patch Now: Cisco Zero-Day Under Fire From Chinese APT
Securityaffairs	6 months ago	China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware
InfoSecurity-magazine	6 months ago	Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group