cisco nx-os software (1)

12738010300?profile=RESIZE_400xCyber threat researchers recently uncovered a Chinese cyber espionage campaign targeting a newly discovered command injection vulnerability in Cisco’s Cisco NX-OS software.  They found the vulnerability and its exploitation as part of an ongoing forensic investigation of a Velvet Ant threat group.   The vulnerability tracked as CVE-2024-20399 concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system