The zero-day exploit allows an attacker with valid administrator credentials to the Switch management console to escape the NX-OS command line interface (CLI) and execute arbitrary commands on the Linux underlying operating system.
The transition to operating from internal network devices marks yet another escalation in the evasion techniques used in order to ensure the continuation of the espionage campaign.
Velvet Ant's stealthy exploitation of CVE-2024-20399 is characterized by sophistication and shape-shifting tactics, initially infiltrating new and legacy Windows systems.
Researchers noted the threat actor leveraged legacy F5 BIG-IP appliances as a vantage point for persistence in a multi-year campaign targeting an unnamed East Asian organization.
[
Collection
]
[
|
...
]