"This vulnerability allowed potentially malicious files to be uploaded by users with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges," Versa said in an advisory released Monday, noting that customers failed to implement system hardening and firewall guidelines from 2015 and 2017.
Volt Typhoon's targeting of Versa Networks, a secure access service edge (SASE) vendor, is not surprising and aligns with the adversary's historical exploitation of compromised small office and home office (SOHO) network equipment.
The attacks, attributed to Volt Typhoon, targeted four U.S. victims and one non-U.S. victim in the ISP, MSP and IT sectors as early as June 12, 2024.
[
Collection
]
[
|
...
]