cisco NX-OS

Pierluigi Paganini December 06, 2024
Hundred of CISCO switches impacted by bootloader flaw

A bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks. Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS software’s bootloader that could be exploited by attackers to bypass image signature verification. “A vulnerability in the bootloader of Cisco NX-OS Software could […]

Pierluigi Paganini July 02, 2024
China-linked APT exploited Cisco NX-OS zero-day to deploy custom malware

Cisco fixed an actively exploited NX-OS zero-day, the flaw was exploited to install previously unknown malware as root on vulnerable switches. Cisco addressed an NX-OS zero-day, tracked as CVE-2024-20399 (CVSS score of 6.0), that the China-linked group Velvet Ant exploited to deploy previously unknown malware as root on vulnerable switches. The flaw resides in the […]