{"vulnerability": "CVE-2024-20399", "sightings": [{"uuid": "7594f090-0795-4a2b-b4e4-d771e83d5ac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-07-02T18:10:02.000000Z"}, {"uuid": "2fd813a7-746e-417d-84cc-905dbaa3a37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:55.000000Z"}, {"uuid": "82db4766-a8e3-46fb-98ea-bf392cb6a471", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://gist.github.com/Darkcrai86/64c3a9e2f3a85f4496079a7dbe1c09bd", "content": "", "creation_timestamp": "2025-11-07T08:08:08.000000Z"}, {"uuid": "d825aef2-0824-4db8-bfca-89067c66888a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7840", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPrivate exploit for Cisco Nexus giving RCE\nURL\uff1ahttps://github.com/Blootus/CVE-2024-20399-Cisco-RCE\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-03T03:45:22.000000Z"}, {"uuid": "9e16d380-164a-4ac1-82b9-045d471a5f5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3m5g7scsr3e2n", "content": "", "creation_timestamp": "2025-11-12T08:20:40.142749Z"}, {"uuid": "8809068d-ae32-4abb-a9c3-17b6780abb89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/e9857037-65f8-46e8-ac1c-381fe38f8569", "content": "", "creation_timestamp": "2026-02-02T12:26:34.337198Z"}, {"uuid": "be443ce4-bb07-4e72-9e7c-e36c89879ad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/itsec_news/4628", "content": "\u200b\u26a1\ufe0f0day \u0432 Cisco \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u0430\u0441\u0448\u0442\u0430\u0431 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439\n\n\ud83d\udcac\u0412 \u043d\u0430\u0447\u0430\u043b\u0435 2024 \u0433\u043e\u0434\u0430 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Velvet Ant \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f (Zero-Day) \u0432 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 Cisco \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c\u0438 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u0433\u0440\u043e\u0437.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-20399 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS 6.7) \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u0443\u043d\u0438\u043a\u0430\u043b\u044c\u043d\u043e\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043e\u0431\u0448\u0438\u0440\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439, \u0447\u0442\u043e \u043e\u0431\u043b\u0435\u0433\u0447\u0438\u043b\u043e \u043a\u0430\u043a \u043a\u0440\u0430\u0436\u0443 \u0434\u0430\u043d\u043d\u044b\u0445, \u0442\u0430\u043a \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Sygnia, Velvet Ant \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u043d\u0430 Linux, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0435\u0439 \u043f\u043e\u0434 \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u043e\u0439 NX-OS. \u0414\u043b\u044f \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u0430\u0442\u0430\u043a\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0430\u043c \u0431\u044b\u043b\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u043c.\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Sygnia \u0432\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431\u0440\u0430\u0442\u0438\u043b\u0438 \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u0443 Velvet Ant \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043c\u043d\u043e\u0433\u043e\u043b\u0435\u0442\u043d\u0435\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0442\u0438\u0432 \u043d\u0435\u043a\u043e\u0439 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u0412\u043e\u0441\u0442\u043e\u0447\u043d\u043e\u0439 \u0410\u0437\u0438\u0438. \u0412 \u0445\u043e\u0434\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 Velvet Ant \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 F5 BIG-IP \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435.\n\n\u041e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0441\u043a\u0440\u044b\u0442\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-20399 \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u043b\u043e \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043b\u044f, \u0447\u0442\u043e \u043f\u043e\u0431\u0443\u0434\u0438\u043b\u043e Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b. \u0413\u0440\u0443\u043f\u043f\u0430 Velvet Ant \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043a\u0438 \u0438 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0441\u0432\u043e\u0438 \u043c\u0435\u0442\u043e\u0434\u044b, \u043f\u0435\u0440\u0435\u0445\u043e\u0434\u044f \u043e\u0442 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043d\u043e\u0432\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c Windows \u043a \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c \u0438 \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0438\u0437\u0431\u0435\u0433\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 Sygnia, \u043f\u0435\u0440\u0435\u0445\u043e\u0434 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043d\u043e\u0432\u043e\u0439 \u0442\u0430\u043a\u0442\u0438\u043a\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u0438\u0441\u0442\u0435\u043c \u0437\u0430\u0449\u0438\u0442\u044b. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0430 \u0430\u0442\u0430\u043a \u0432\u043a\u043b\u044e\u0447\u0430\u043b\u0430 \u0432\u0437\u043b\u043e\u043c \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430 Cisco \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-20399, \u043f\u0440\u043e\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0440\u0430\u0437\u0432\u0435\u0434\u044b\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0440\u0438\u043f\u0442\u0430, \u0447\u0442\u043e \u0432 \u0438\u0442\u043e\u0433\u0435 \u043f\u0440\u0438\u0432\u0435\u043b\u043e \u043a \u0437\u0430\u043f\u0443\u0441\u043a\u0443 \u0431\u044d\u043a\u0434\u043e\u0440\u0430.\n\n\u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u0430\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 VELVETSHELL, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043a\u043e\u043c\u0431\u0438\u043d\u0430\u0446\u0438\u044e \u0434\u0432\u0443\u0445 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c: Unix-\u0431\u044d\u043a\u0434\u043e\u0440\u0430 Tiny SHell \u0438 \u043f\u0440\u043e\u043a\u0441\u0438-\u0443\u0442\u0438\u043b\u0438\u0442\u044b 3proxy . \u0412\u0440\u0435\u0434\u043e\u043d\u043e\u0441 \u0441\u043a\u0440\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u041e\u0421 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0438 \u0432\u044b\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0442\u0443\u043d\u043d\u0435\u043b\u0438 \u0434\u043b\u044f \u043f\u0440\u043e\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430.\n\n\u0414\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u00abVelvet Ant\u00bb \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044e\u0442 \u0432\u044b\u0441\u043e\u043a\u0443\u044e \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0440\u0438\u0441\u043a\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u043e\u0433\u043e \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0433\u043e \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0441\u0435\u0442\u0438. \u0417\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0442\u0430\u043a\u0438\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u00ab\u0447\u0451\u0440\u043d\u044b\u043c \u044f\u0449\u0438\u043a\u043e\u043c\u00bb, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u043d\u0438 \u0432 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u043c \u0441\u043a\u0440\u044b\u0442\u044b \u043e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0435\u0442 \u0438\u0445 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-08-23T20:45:35.000000Z"}, {"uuid": "24014851-b834-42f5-bac4-fce569d94d92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://t.me/kasperskyb2b/1387", "content": "\ud83d\udd25 \u0412\u0430\u0436\u043d\u044b\u0435 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udc7b \u041d\u043e\u0432\u044b\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0437\u0438\u0440\u043e\u0434\u0435\u0435\u0432 \u0432 Cisco NX: \u044d\u0442\u0438\u043c \u0437\u0430\u043d\u0438\u043c\u0430\u043b\u0430\u0441\u044c APT VelvetAnt, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0432\u044b\u0448\u0430\u043b\u0430 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e CVE-2024-20399 \u0438 \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043b\u0430 \u043d\u0430 \u0441\u0432\u0438\u0447\u0430\u0445 \u0431\u044d\u043a\u0434\u043e\u0440 VelvetShell \u2014 \u0433\u0438\u0431\u0440\u0438\u0434, \u0438\u0437\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0438\u0437 TinyShell \u0438 3proxy.\n\u042d\u0442\u043e\u0442 \u0434\u0435\u0444\u0435\u043a\u0442 Cisco \u0437\u0430\u043a\u0440\u044b\u043b\u0430 \u0432 \u0438\u044e\u043b\u0435. \u0410 \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u044e\u044e \u043d\u0435\u0434\u0435\u043b\u044e \u0443 Cisco \u0432\u044b\u0448\u043b\u043e 7 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0445 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0432 ISE \u0438 UCM, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0444\u0438\u043a\u0441\u044b \u0434\u043b\u044f BlastRADIUS \u0438 regreSSHion.\n\n\ud83d\udc6e\u200d\u2640\ufe0f \u0421\u043b\u0443\u0436\u0431\u0430\u043c \u0431\u043e\u0440\u044c\u0431\u044b \u0441 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0438\u043c \u0444\u0440\u043e\u0434\u043e\u043c \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u0438\u0442\u044c\u0441\u044f: \u0432 \u0427\u0435\u0445\u0438\u0438 \u043d\u0430\u043a\u0440\u044b\u043b\u0438 \u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0438\u0445 \u043d\u043e\u0432\u0443\u044e \u0441\u0445\u0435\u043c\u0443 \u0441\u043d\u044f\u0442\u0438\u044f \u0441\u0440\u0435\u0434\u0441\u0442\u0432 \u0447\u0435\u0440\u0435\u0437 \u0431\u0430\u043d\u043a\u043e\u043c\u0430\u0442\u044b. \u0416\u0435\u0440\u0442\u0432 \u0437\u0430\u0440\u0430\u0436\u0430\u043b\u0438 \u0445\u0438\u0442\u0440\u044b\u043c \u0412\u041f\u041e Ngate \u0434\u043b\u044f Android, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u0431\u0443\u0436\u0434\u0430\u043b\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0438\u0442\u044c \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u0443\u044e \u043a\u0430\u0440\u0442\u0443 \u043a \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u0435\u043b\u044e NFC \u043d\u0430 \u0442\u0435\u043b\u0435\u0444\u043e\u043d\u0435, \u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u043c \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u043e \u0430\u0442\u0430\u043a\u0443 \u0441 \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0435\u0439. \u0416\u0443\u043b\u0438\u043a\u0438 \u0441\u0442\u043e\u044f\u043b\u0438 \u043d\u0430\u0433\u043e\u0442\u043e\u0432\u0435 \u0443 \u0431\u0430\u043d\u043a\u043e\u043c\u0430\u0442\u0430, \u0447\u0442\u043e\u0431\u044b \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0435\u043c\u0443 \u0434\u0430\u043d\u043d\u044b\u0435 \u0441\u0447\u0438\u0442\u0430\u043d\u043d\u043e\u0439 \u043a\u0430\u0440\u0442\u044b.\n\n\ud83d\udd04 \u041d\u043e\u0432\u0430\u044f \u0442\u0430\u043a\u0442\u0438\u043a\u0430 \u0431\u0430\u043d\u0434\u044b ransomware Qlin: \u043a\u0440\u043e\u043c\u0435 \u043e\u0431\u044b\u0447\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u0434\u0430\u043d\u043d\u044b\u0445, \u043e\u043d\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u043e\u0440\u0443\u044e\u0442 \u043f\u0430\u0440\u043e\u043b\u0438 \u0438\u0437 Chrome \u0432 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438. \u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0438\u043c \u043a\u0430\u043a \u0440\u0430\u0441\u0448\u0438\u0440\u044f\u0442\u044c \u043f\u0440\u0438\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u0432 \u0441\u0435\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0442\u0430\u043a \u0438 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u0442\u044c \u0435\u0451 \u043a\u043e\u043d\u0442\u0440\u0430\u0433\u0435\u043d\u0442\u043e\u0432.\n\n\ud83d\uddff \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0430\u044f \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0431\u0438\u0437\u043d\u0435\u0441\u044b \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 PhantomCore \u043e\u0431\u043d\u043e\u0432\u0438\u043b\u0430 \u0441\u0432\u043e\u0451 \u0412\u041f\u041e \u0438 \u0440\u0430\u0441\u0448\u0438\u0440\u0438\u043b\u0430 \u0441\u043f\u0435\u043a\u0442\u0440 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439.\n\n\u0421\u0443\u043f\u0435\u0440-\u0434\u0435\u0442\u0430\u043b\u044c\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 MoonPeak, \u043c\u043d\u043e\u0433\u043e IoC \u0438 \u0434\u0438\u0430\u0433\u0440\u0430\u043c\u043c. \u0412\u041f\u041e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0432\u0430\u0440\u0438\u0430\u0446\u0438\u0435\u0439 XenoRAT, \u0430 \u0441\u0430\u043c\u0443 \u0433\u0440\u0443\u043f\u043f\u0443 UAT-5394 \u043d\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u0441\u0435\u0432\u0435\u0440\u043e\u043a\u043e\u0440\u0435\u0439\u0441\u043a\u043e\u0439.\n\n\ud83d\udd04 \u041d\u043e\u0432\u043e\u0435 \u0412\u041f\u041e \u0434\u043b\u044f Linux, \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u043e\u0435 sedexp, \u043f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0438\u043d\u043d\u043e\u0432\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0442\u0430\u043a\u0442\u0438\u043a\u0438 \u0437\u0430\u043a\u0440\u0435\u043f\u043b\u0435\u043d\u0438\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u043e\u0441\u043d\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u0440\u0430\u0432\u0438\u043b\u0430\u0445 udev. \u042d\u0442\u043e\u0439 \u0442\u0430\u043a\u0442\u0438\u043a\u0438 \u043f\u043e\u043a\u0430 \u043d\u0435\u0442 \u0432 ATT&amp;CK. \u0421\u0430\u043c\u043e \u0412\u041f\u041e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0441 2022 \u0433\u043e\u0434\u0430 \u0438 \u043f\u0440\u0435\u0438\u043c\u0443\u0449\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043e\u0431\u0440\u0430\u0442\u043d\u044b\u0445 \u0448\u0435\u043b\u043b\u043e\u0432 \u043d\u0430 \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u044b\u0445 \u0445\u043e\u0441\u0442\u0430\u0445.\n\n\u0421\u0435\u0440\u0432\u0435\u0440\u044b \u043d\u0430 \u0431\u0430\u0437\u0435 PostgreSQL \u0430\u0442\u0430\u043a\u0443\u0435\u0442 \u0412\u041f\u041e PG_MEM, \u043f\u043e\u0434\u0431\u0438\u0440\u0430\u0435\u0442 \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u0435\u0440\u0435\u0431\u043e\u0440\u043e\u043c \u0438 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u0434\u0430\u0447\u0438 \u043c\u0430\u0439\u043d\u0438\u0442 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u0443. \n\n\ud83d\udd0e \u041e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043c\u0430\u0441\u0441\u043e\u0432\u044b\u0439 \u0432\u0437\u043b\u043e\u043c \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432 \u043d\u0430 \u0431\u0430\u0437\u0435 Magento/Adobe Commerce, \u0441\u043e\u0442\u043d\u0438 \u043c\u0430\u0433\u0430\u0437\u0438\u043d\u043e\u0432 \u0441\u043e\u0431\u0438\u0440\u0430\u044e\u0442 \u043f\u043b\u0430\u0442\u0451\u0436\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 \u0432\u0435\u0431-\u0441\u043a\u0438\u043c\u043c\u0435\u0440\u0430. \u041a\u0430\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f, \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e.\n\n\u0410 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b \u043d\u0430 Wordpress \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442 \u0442\u0440\u043e\u044f\u043d ClearFake \u043f\u043e\u0434 \u0432\u0438\u0434\u043e\u043c \u00ab\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u043a\u043e\u0440\u043d\u0435\u0432\u043e\u0433\u043e \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435\u00bb. \u041a\u043e\u0440\u043d\u0435\u0432\u043e\u0439 \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442 \u043f\u0440\u0435\u0434\u043b\u0430\u0433\u0430\u0435\u0442\u0441\u044f \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0432\u0440\u0443\u0447\u043d\u0443\u044e, \u0441\u043a\u043e\u043f\u0438\u0440\u043e\u0432\u0430\u0432 \u0438\u0437 \u043e\u043a\u043e\u0448\u043a\u0430 \u0441\u043a\u0440\u0438\u043f\u0442 \u0438 \u0432\u0441\u0442\u0430\u0432\u0438\u0432 \u0435\u0433\u043e \u0432 PowerShell \ud83d\ude02\n\n\ud83d\udd14 \u0412 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 \u0441\u0445\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 Wordpress \u0441\u0442\u0430\u043d\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0441\u0432\u0435\u0436\u0438\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u043b\u0430\u0433\u0438\u043d\u0430 Litespeed Cache \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0442\u0440\u0438\u0432\u0438\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 Wordpress-\u0441\u0430\u0439\u0442\u043e\u043c. \u041d\u0430 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e \u043e\u043a\u043e\u043b\u043e 5 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0441\u0430\u0439\u0442\u043e\u0432.\n\n\u2620\ufe0f \u0423\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0439 mac-\u0438\u043d\u0444\u043e\u0441\u0442\u0438\u043b\u0435\u0440 Cthulhu \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0432\u0438\u0434\u043e\u043c \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0433\u043e \u041f\u041e \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u043a\u0440\u0430\u0436\u0443 \u0432\u0441\u0435\u0433\u043e, \u0447\u0442\u043e \u043f\u043b\u043e\u0445\u043e \u043b\u0435\u0436\u0438\u0442 \u0441 \u0430\u043a\u0446\u0435\u043d\u0442\u043e\u043c \u043d\u0430 \u043a\u0440\u0438\u043f\u0442\u043e\u0432\u0430\u043b\u044e\u0442\u0443.\n\n\u041e\u0431\u0437\u043e\u0440 \u0442\u0430\u043a\u0442\u0438\u043a \u0438 \u043c\u043e\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0445\u0430\u043a\u0442\u0438\u0432\u0438\u0441\u0442\u043e\u0432.\n\n\ud83d\udcf1 \u041f\u0430\u0442\u0447-\u0434\u0440\u0430\u043c\u0430 Xiaomi: \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0440\u044f\u0434 \u043f\u0430\u0442\u0447\u0435\u0439, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u0443\u044f \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u0432\u0448\u0438\u0445\u0441\u044f \u043a \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u0438 \u043d\u0430 Pwn2Own Toronto 2023,\u00a0 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u043e \u043e\u043a\u0438\u0440\u043f\u0438\u0447\u0438\u043b\u0430 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043e\u0442\u043a\u0430\u0437\u0430\u043b\u0430\u0441\u044c \u043d\u0430\u0437\u043d\u0430\u0447\u0430\u0442\u044c CVE, \u0437\u0430\u0442\u0435\u043c \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u043e\u0442\u043a\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u043f\u0430\u0442\u0447\u0438 \u0438 \u0441\u043d\u043e\u0432\u0430 \u0434\u0435\u043b\u0430\u044e\u0449\u0438\u0435 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u043f\u0440\u0438\u0433\u043e\u0434\u043d\u044b\u043c\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \n\u041c\u043e\u0440\u0430\u043b\u044c: \u0438\u0437\u0431\u0430\u0432\u043b\u044f\u044f\u0441\u044c \u043e\u0442 iPhone \u043f\u043e \u0441\u043e\u043e\u0431\u0440\u0430\u0436\u0435\u043d\u0438\u044f\u043c \u0418\u0411, \u0432\u044b\u0431\u0438\u0440\u0430\u0439\u0442\u0435 Android \u0437\u0434\u043e\u0440\u043e\u0432\u043e\u0433\u043e \u0447\u0435\u043b\u043e\u0432\u0435\u043a\u0430.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2024-08-26T10:03:52.000000Z"}, {"uuid": "69e4c0bc-1567-4677-8bdd-1015e7ca0453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://t.me/CyberBulletin/464", "content": "\u26a1\ufe0fChina-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399).\n\n#CyberBulletin", "creation_timestamp": "2024-08-26T09:47:17.000000Z"}, {"uuid": "89da0e8c-8c0b-488f-920a-a8c6597ba13b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://t.me/cyber_hsecurity/1615", "content": "\u0627\u0644\u0645\u0635\u062f\u0631 \u0648\u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644:\n- \u0644\u0645\u0632\u064a\u062f \u0645\u0646 \u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u062d\u0648\u0644 \u0627\u0644\u0625\u0635\u0644\u0627\u062d\u060c \u064a\u0645\u0643\u0646 \u0627\u0644\u0627\u0637\u0644\u0627\u0639 \u0639\u0644\u0649 [\u0627\u0644\u062a\u062d\u062f\u064a\u062b \u0641\u064a GitHub](https://github.com/discourse/discourse/commit/188cb58daa833839c54c266ce22db150a3f3a210).\n\nALSED404:\nGG CISCO\n\u0627\u0633\u062a\u063a\u0644\u062a \u0645\u062c\u0645\u0648\u0639\u0629 \u0627\u0644\u062a\u0647\u062f\u064a\u062f\u0627\u062a \u0627\u0644\u0645\u0631\u062a\u0628\u0637\u0629 \u0628\u0627\u0644\u0635\u064a\u0646\u060c Velvet Ant\u060c \u200b\u200b\u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 (CVE-2024-20399) \u0641\u064a \u0645\u0641\u0627\u062a\u064a\u062d Cisco \u0628\u0627\u0639\u062a\u0628\u0627\u0631\u0647\u0627 \u064a\u0648\u0645\u064b\u0627 \u0635\u0641\u0631\u064a\u064b\u0627 \u0644\u0644\u0633\u064a\u0637\u0631\u0629 \u0648\u0627\u0644\u062a\u0647\u0631\u0628 \u0645\u0646 \u0627\u0644\u0627\u0643\u062a\u0634\u0627\u0641.\n\u0627\u0642\u0631\u0623: https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html\n\nPayload:\nsite.tld/xyz/xyz/xyz/?path=../../../../../../../../../etc/passwd\n============================\n#ALSED404\n\n\u0643\u0634\u0641\u062a \u0634\u0631\u0643\u0629 \u062c\u0648\u062c\u0644 \u0639\u0646 \u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0646\u0634\u0637 \u0644\u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u062e\u0637\u064a\u0631\u0629 \u0641\u064a \u0645\u062a\u0635\u0641\u062d \u0643\u0631\u0648\u0645\u060c CVE-2024-7965\u060c \u0648\u0627\u0644\u062a\u064a \u062a\u0645 \u062a\u0635\u062d\u064a\u062d\u0647\u0627 \u0627\u0644\u0623\u0633\u0628\u0648\u0639 \u0627\u0644\u0645\u0627\u0636\u064a.\n\n\u0642\u062f \u064a\u0624\u062f\u064a \u0647\u0630\u0627 \u0627\u0644\u062e\u0644\u0644 \u0641\u064a \u0645\u062d\u0631\u0643 V8 \u0627\u0644\u062e\u0627\u0635 \u0628\u0645\u062a\u0635\u0641\u062d Chrome \u0625\u0644\u0649 \u062a\u0645\u0643\u064a\u0646 \u0627\u0644\u0647\u062c\u0645\u0627\u062a \u0639\u0646 \u0628\u0639\u062f.\n\u0644\u0645\u0639\u0631\u0641\u0629 \u0627\u0644\u0645\u0632\u064a\u062f: https://thehackernews.com/2024/08/google-warns-of-cve-2024-7965-chrome.html\n\u062a\u0623\u0643\u062f \u0645\u0646 \u062a\u062d\u062f\u064a\u062b \u0645\u062a\u0635\u0641\u062d\u0643 \u0625\u0644\u0649 \u0627\u0644\u0625\u0635\u062f\u0627\u0631 \u0627\u0644\u0623\u062d\u062f\u062b.\n\nThe Smart Shadow:\n\ud83c\udd98CVE -2024-41109\n\u062a\u0648\u0641\u0631 \u062d\u0632\u0645\u0629 Admin Classic Bundle \u0645\u0646 Pimcore \u0648\u0627\u062c\u0647\u0629 \u0645\u0633\u062a\u062e\u062f\u0645 \u062e\u0644\u0641\u064a\u0629 \u0644\u0628\u0631\u0646\u0627\u0645\u062c Pimcore. \u064a\u0624\u062f\u064a \u0627\u0644\u0627\u0646\u062a\u0642\u0627\u0644 \u0625\u0644\u0649 /admin/index/statistics \u0628\u0627\u0633\u062a\u062e\u062f\u0627\u0645 \u0645\u0633\u062a\u062e\u062f\u0645 Pimcore \u0645\u0633\u062c\u0644 \u0627\u0644\u062f\u062e\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u0645\u0639\u0644\u0648\u0645\u0627\u062a \u062d\u0648\u0644 \u062a\u062b\u0628\u064a\u062a Pimcore \u0648\u0625\u0635\u062f\u0627\u0631 PHP \u0648\u0625\u0635\u062f\u0627\u0631 MYSQL \u0648\u0627\u0644\u062d\u0632\u0645 \u0627\u0644\u0645\u062b\u0628\u062a\u0629 \u0648\u062c\u0645\u064a\u0639 \u062c\u062f\u0627\u0648\u0644 \u0642\u0627\u0639\u062f\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648\u0639\u062f\u062f \u0635\u0641\u0648\u0641\u0647\u0627 \u0641\u064a \u0627\u0644\u0646\u0638\u0627\u0645. \u062a\u0645 \u0625\u0635\u0644\u0627\u062d \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0627\u0644\u0625\u0635\u062f\u0627\u0631\u0627\u062a 1.5.2 \u06481.4.6 \u06481.3.10.\n\n\ud83c\udd98CVE -2024-4188\n\u0642\u062f \u062a\u0633\u0645\u062d \u062b\u063a\u0631\u0629 \u0627\u0644\u0646\u0642\u0644 \u063a\u064a\u0631 \u0627\u0644\u0645\u062d\u0645\u064a \u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f \u0641\u064a OpenText\u2122 Documentum\u2122 Server \u0628\u062d\u0634\u0648 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0627\u0639\u062a\u0645\u0627\u062f. \u062a\u0624\u062b\u0631 \u0647\u0630\u0647 \u0627\u0644\u0645\u0634\u0643\u0644\u0629 \u0639\u0644\u0649 Documentum\u2122 Server: \u0645\u0646 16.7 \u0625\u0644\u0649 23.4.\n\n\ud83d\udea8CVE -2024-34149\n\u0641\u064a Bitcoin Core \u062d\u062a\u0649 27.0 \u0648Bitcoin Knots \u0642\u0628\u0644 25.1.knots20231115\u060c \u064a\u0641\u062a\u0642\u0631 tapscript \u0625\u0644\u0649 \u0641\u062d\u0635 \u062d\u062f \u062d\u062c\u0645 \u0627\u0644\u0633\u064a\u0627\u0633\u0629\u060c \u0648\u0647\u064a \u0645\u0634\u0643\u0644\u0629 \u0645\u062e\u062a\u0644\u0641\u0629 \u0639\u0646 CVE-2023-50428. \u0645\u0644\u0627\u062d\u0638\u0629: \u062a\u0639\u0627\u0631\u0636 \u0628\u0639\u0636 \u0627\u0644\u0623\u0637\u0631\u0627\u0641 \u0641\u062d\u0635 \u0627\u0644\u062d\u062f \u0627\u0644\u062c\u062f\u064a\u062f \u0647\u0630\u0627 (\u0639\u0644\u0649 \u0633\u0628\u064a\u0644 \u0627\u0644\u0645\u062b\u0627\u0644\u060c \u0644\u0623\u0646\u0647\u0645 \u064a\u062a\u0641\u0642\u0648\u0646 \u0645\u0639 \u0627\u0644\u0647\u062f\u0641 \u0644\u0643\u0646\u0647\u0645 \u064a\u062e\u062a\u0644\u0641\u0648\u0646 \u0645\u0639 \u0627\u0644\u0622\u0644\u064a\u0629 \u0627\u0644\u0641\u0646\u064a\u0629\u060c \u0623\u0648 \u0644\u0623\u0646 \u0644\u062f\u064a\u0647\u0645 \u0647\u062f\u0641\u064b\u0627 \u0645\u062e\u062a\u0644\u0641\u064b\u0627).\n\n\ud83d\udea8CVE -2024-6904\n\u062a\u0645 \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u062a\u0645 \u062a\u0635\u0646\u064a\u0641\u0647\u0627 \u0639\u0644\u0649 \u0623\u0646\u0647\u0627 \u062d\u0631\u062c\u0629 \u0641\u064a SourceCodester Record Management System 1.0. \u062a\u0624\u062b\u0631 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0639\u0644\u0649 \u062c\u0632\u0621 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641 \u0645\u0646 \u0627\u0644\u0645\u0644\u0641 sort2_user.php. \u064a\u0624\u062f\u064a \u0627\u0644\u062a\u0644\u0627\u0639\u0628 \u0628\u062a\u0623\u0647\u064a\u0644 \u0627\u0644\u0648\u0633\u064a\u0637\u0629 \u0625\u0644\u0649 \u062d\u0642\u0646 SQL. \u0645\u0646 \u0627\u0644\u0645\u0645\u0643\u0646 \u0628\u062f\u0621 \u0627\u0644\u0647\u062c\u0648\u0645 \u0639\u0646 \u0628\u0639\u062f. \u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0644\u0639\u0627\u0645\u0629 \u0648\u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627. \u062a\u0645 \u062a\u0639\u064a\u064a\u0646 \u0627\u0644\u0645\u0639\u0631\u0641 VDB-271929 \u0644\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629.\n\nALSED404:\n\u062a\u0633\u062a\u063a\u0644 \u0645\u062c\u0645\u0648\u0639\u0629 Mustang Panda APT \u0628\u0631\u0646\u0627\u0645\u062c VS Code \u0644\u0627\u0633\u062a\u0647\u062f\u0627\u0641 \u062d\u0643\u0648\u0645\u0627\u062a \u062c\u0646\u0648\u0628 \u0634\u0631\u0642 \u0622\u0633\u064a\u0627. \u0648\u064a\u0633\u0645\u062d \u0647\u0630\u0627 \u0644\u0644\u0645\u062a\u0633\u0644\u0644\u064a\u0646 \u0628\u062a\u0634\u063a\u064a\u0644 \u0627\u0644\u0623\u0648\u0627\u0645\u0631 \u0648\u0633\u0631\u0642\u0629 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0648\u0646\u0634\u0631 \u0627\u0644\u0628\u0631\u0627\u0645\u062c \u0627\u0644\u0636\u0627\u0631\u0629 \u0639\u0628\u0631 \u0648\u0627\u062c\u0647\u0629 VS Code \u0627\u0644\u0639\u0643\u0633\u064a\u0629.\n\u0627\u0642\u0631\u0623 \u0627\u0644\u062a\u0641\u0627\u0635\u064a\u0644: https://thehackernews.com/2024/09/chinese-hackers-exploit-visual-studio.html\n\u0642\u0645 \u0628\u062a\u0639\u0632\u064a\u0632 \u0627\u0644\u062f\u0641\u0627\u0639\u0627\u062a \u0627\u0644\u0622\u0646 - \u0631\u0627\u0642\u0628 \u0647\u0630\u0647 \u0627\u0644\u062a\u0643\u062a\u064a\u0643\u0627\u062a!\n\nThe Smart Shadow:\n\ud83d\udea8CVE -2024-6904\n\u062a\u0645 \u0627\u0644\u0639\u062b\u0648\u0631 \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u062a\u0645 \u062a\u0635\u0646\u064a\u0641\u0647\u0627 \u0639\u0644\u0649 \u0623\u0646\u0647\u0627 \u062d\u0631\u062c\u0629 \u0641\u064a SourceCodester Record Management System 1.0. \u062a\u0624\u062b\u0631 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0639\u0644\u0649 \u062c\u0632\u0621 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641 \u0645\u0646 \u0627\u0644\u0645\u0644\u0641 sort2_user.php. \u064a\u0624\u062f\u064a \u0627\u0644\u062a\u0644\u0627\u0639\u0628 \u0628\u062a\u0623\u0647\u064a\u0644 \u0627\u0644\u0648\u0633\u064a\u0637\u0629 \u0625\u0644\u0649 \u062d\u0642\u0646 SQL. \u0645\u0646 \u0627\u0644\u0645\u0645\u0643\u0646 \u0628\u062f\u0621 \u0627\u0644\u0647\u062c\u0648\u0645 \u0639\u0646 \u0628\u0639\u062f. \u062a\u0645 \u0627\u0644\u0643\u0634\u0641 \u0639\u0646 \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u0644\u0639\u0627\u0645\u0629 \u0648\u064a\u0645\u0643\u0646 \u0627\u0633\u062a\u062e\u062f\u0627\u0645\u0647\u0627. \u062a\u0645 \u062a\u0639\u064a\u064a\u0646 \u0627\u0644\u0645\u0639\u0631\u0641 VDB-271929 \u0644\u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629.\n\n\u062a\u0640\u0640\u0634\u0640\u0640\u0627\u0631\u0648\u0646\u1d9c\u02b0\u1d43\u02b3\u1d52\u207f\ud81a\udd54\u0f04:\n- CVE-2024-46049 - Tenda O6 V3.0 firmware V1.0.0.7(2054) contains a stack overflow vulnerability in the formexeCommand function.\n\n- CVE-2024-46049 - \u064a\u062d\u062a\u0648\u064a \u0627\u0644\u0628\u0631\u0646\u0627\u0645\u062c \u0627\u0644\u062b\u0627\u0628\u062a Tenda O6 V3.0 V1.0.0.7(2054) \u0639\u0644\u0649 \u062b\u063a\u0631\u0629 \u062a\u062c\u0627\u0648\u0632 \u0633\u0639\u0629 \u0627\u0644\u0645\u0643\u062f\u0633 \u0641\u064a \u0648\u0638\u064a\u0641\u0629 formexeCommand.\n\nALSED404:\nCVE-2023-26324: \u062b\u063a\u0631\u0629 \u062a\u0646\u0641\u064a\u0630 \u0643\u0648\u062f \u0641\u064a \u062a\u0637\u0628\u064a\u0642 XiaomiGetApps\n\u0645\u0627 \u0647\u064a \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629\u061f\n\u0647\u064a \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u062e\u0637\u064a\u0631\u0629 \u062a\u0645 \u0627\u0643\u062a\u0634\u0627\u0641\u0647\u0627 \u0641\u064a \u062a\u0637\u0628\u064a\u0642 XiaomiGetApps\u060c \u0648\u0647\u0648 \u0627\u0644\u062a\u0637\u0628\u064a\u0642 \u0627\u0644\u0631\u0633\u0645\u064a \u0644\u062a\u062d\u0645\u064a\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0639\u0644\u0649 \u0647\u0648\u0627\u062a\u0641 \u0634\u0627\u0648\u0645\u064a. \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u0646\u0641\u064a\u0630 \u0623\u064a \u0643\u0648\u062f \u062e\u0628\u064a\u062b \u0639\u0644\u0649 \u062c\u0647\u0627\u0632 \u0627\u0644\u0636\u062d\u064a\u0629\u060c \u0645\u0645\u0627 \u064a\u0639\u0637\u064a\u0647\u0645 \u0633\u064a\u0637\u0631\u0629 \u0643\u0627\u0645\u0644\u0629 \u0639\u0644\u064a\u0647.\n\u0643\u064a\u0641 \u062a\u0639\u0645\u0644 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629\u061f\n\u062a\u062d\u062f\u062b \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629 \u0628\u0633\u0628\u0628 \u0648\u062c\u0648\u062f \u062e\u0644\u0644 \u0641\u064a \u0622\u0644\u064a\u0629 \u0627\u0644\u062a\u062d\u0642\u0642 \u0645\u0646 \u0635\u062d\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0627\u0644\u062a\u064a \u064a\u062a\u0645 \u062a\u062d\u0645\u064a\u0644\u0647\u0627 \u0645\u0646 \u062e\u0644\u0627\u0644 \u0627\u0644\u062a\u0637\u0628\u064a\u0642. \u0647\u0630\u0627 \u0627\u0644\u062e\u0644\u0644 \u064a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u0636\u0645\u064a\u0646 \u0643\u0648\u062f \u0636\u0627\u0631 \u062f\u0627\u062e\u0644 \u062d\u0632\u0645\u0629 \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u060c \u0648\u0639\u0646\u062f\u0645\u0627 \u064a\u0642\u0648\u0645 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0628\u062a\u062b\u0628\u064a\u062a \u0627\u0644\u062a\u0637\u0628\u064a\u0642\u060c \u064a\u062a\u0645 \u062a\u0646\u0641\u064a\u0630 \u0647\u0630\u0627 \u0627\u0644\u0643\u0648\u062f \u0627\u0644\u0636\u0627\u0631.\n\u0645\u0627 \u0647\u064a \u0627\u0644\u0645\u062e\u0627\u0637\u0631 \u0627\u0644\u0646\u0627\u062a\u062c\u0629 \u0639\u0646 \u0647\u0630\u0647 \u0627\u0644\u062b\u063a\u0631\u0629\u061f\n * \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u062d\u0633\u0627\u0633\u0629: \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0627\u0644\u0648\u0635\u0648\u0644 \u0625\u0644\u0649 \u062c\u0645\u064a\u0639 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0644\u0645\u0648\u062c\u0648\u062f\u0629 \u0639\u0644\u0649 \u0627\u0644\u062c\u0647\u0627\u0632\u060c \u0645\u062b\u0644 \u0627\u0644\u0635\u0648\u0631 \u0648\u0627\u0644\u0631\u0633\u0627\u0626\u0644 \u0648\u0627\u0644\u0645\u0639\u0644\u0648\u0645\u0627\u062a \u0627\u0644\u0634\u062e\u0635\u064a\u0629.\n * \u0627\u0644\u062a\u062d\u0643\u0645 \u0627\u0644\u0643\u0627\u0645\u0644 \u0641\u064a \u0627\u0644\u062c\u0647\u0627\u0632: \u064a\u0645\u0643\u0646 \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0627\u0644\u062a\u062d\u0643\u0645 \u0641\u064a \u0627\u0644\u062c\u0647\u0627\u0632 \u0639\u0646 \u0628\u0639\u062f\u060c \u0648\u062a\u062b\u0628\u064a\u062a \u062a\u0637\u0628\u064a\u0642\u0627\u062a \u0623\u062e\u0631\u0649\u060c \u0648\u062a\u063a\u064a\u064a\u0631 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a\u060c \u0648\u062d\u062a\u0649 \u062d\u0630\u0641 \u0627\u0644\u0628\u064a\u0627\u0646\u0627\u062a.", "creation_timestamp": "2024-12-13T19:00:23.000000Z"}, {"uuid": "1f0eaf33-6eea-4100-9010-f42c945bb355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/11351", "content": "\u200aChina-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399)\n\nhttps://securityonline.info/china-nexus-group-velvet-ant-exploits-cisco-zero-day-cve-2024-20399/", "creation_timestamp": "2024-08-26T16:57:49.000000Z"}, {"uuid": "c39515e8-bf65-49e5-bda5-41107a4a240a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "Telegram/dy0HcB0JbMhr9TSnt2JGGTVQNQJQOp-PZb86NVh8ojAx7g", "content": "", "creation_timestamp": "2024-07-02T08:20:43.000000Z"}, {"uuid": "5d614df1-207e-4b7e-b267-4ccc583f5638", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "Telegram/CDKyvsslfR2OMsy9DgATHABylpYyQjrFRT8jFpTtc9vHkb5G", "content": "", "creation_timestamp": "2024-08-22T18:27:12.000000Z"}, {"uuid": "454f4e7d-5d78-459a-8b1e-917d2cc99ef4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/HackingInsights/4447", "content": "\u200aCVE-2024-20399: Cisco NX-OS Zero-Day Vulnerability Under Active Attack\n\nhttps://securityonline.info/cve-2024-20399-cisco-nx-os-zero-day-vulnerability-under-active-attack/", "creation_timestamp": "2024-07-02T11:12:41.000000Z"}, {"uuid": "210deb6d-a49d-4e76-8d20-4f9834806195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3697", "content": "The Hacker News\nChinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control\n\nDetails have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.\nThe activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control", "creation_timestamp": "2024-08-22T22:12:22.000000Z"}, {"uuid": "f7384c3f-5771-4a3f-ac0a-1700755d0992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/18499", "content": "The Hacker News\nChinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control\n\nDetails have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.\nThe activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control", "creation_timestamp": "2024-08-22T22:12:22.000000Z"}, {"uuid": "85ee3cbf-651d-47d8-864c-6eaa66363b4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/13819", "content": "The Hacker News\nChinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware\n\nA China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware.\nThe vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected", "creation_timestamp": "2024-07-02T08:20:45.000000Z"}, {"uuid": "023c373a-ef2d-4e70-a91a-1ff34ff7f977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/KomunitiSiber/2193", "content": "Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware\nhttps://thehackernews.com/2024/07/chinese-hackers-exploiting-cisco.html\n\nA China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware.\nThe vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected", "creation_timestamp": "2024-07-02T08:35:44.000000Z"}, {"uuid": "6e82a406-160f-47cc-ae0f-1aa70d15bf1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/2713", "content": "The Hacker News\nChinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware\n\nA China-nexus cyber espionage group named Velvet Ant has been observed exploiting a zero-day flaw in Cisco NX-OS Software used in its switches to deliver malware.\nThe vulnerability, tracked as CVE-2024-20399 (CVSS score: 6.0), concerns a case of command injection that allows an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected", "creation_timestamp": "2024-07-02T08:20:45.000000Z"}, {"uuid": "f491cc5d-50dc-42cf-aab7-dbb8330b9be6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "Telegram/G_sHLLKdYcNkkP59y-JA2Ng09SelwSmj1QKzw8ch9Qaiwg", "content": "", "creation_timestamp": "2024-07-02T09:37:03.000000Z"}, {"uuid": "6d597fbf-f18e-4359-a0a5-049c542d4b5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "Telegram/0TabUqzwVxFodSM3eSuTJegxOvozsh42UYfjsAQmBVOPLQ", "content": "", "creation_timestamp": "2024-08-22T22:55:57.000000Z"}, {"uuid": "72676d3a-b2e2-4bd3-8a49-63fed87fbed1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/InfoSecInsider/23530", "content": "\u26a1\ufe0fChina-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399).\n\n#CyberBulletin", "creation_timestamp": "2024-08-26T09:47:20.000000Z"}, {"uuid": "0c5eb237-07c7-4b4c-9e62-e267864556e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/KomunitiSiber/2447", "content": "Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control\nhttps://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html\n\nDetails have emerged about a China-nexus threat group's exploitation of a recently disclosed, now-patched security flaw in Cisco switches as a zero-day to seize control of the appliance and evade detection.\nThe activity, attributed to Velvet Ant, was observed early this year and involved the weaponization of CVE-2024-20399 (CVSS score: 6.0) to deliver bespoke malware and gain extensive control", "creation_timestamp": "2024-08-22T19:51:26.000000Z"}, {"uuid": "2d394646-fe6c-415a-babc-0ec3c1c0e541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/CyberSecurity026/5115", "content": "\u062a\u0636\u064a\u0641 CISA \u062e\u0637\u0623 \u062d\u0642\u0646 \u0623\u0648\u0627\u0645\u0631 CISCO NX-OS \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629\n\n\u0623\u0636\u0627\u0641\u062a \u0648\u0643\u0627\u0644\u0629 \u0627\u0644\u0623\u0645\u0646 \u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0648\u0623\u0645\u0646 \u0627\u0644\u0628\u0646\u064a\u0629 \u0627\u0644\u062a\u062d\u062a\u064a\u0629 (CISA) \u0627\u0644\u0623\u0645\u0631\u064a\u0643\u064a\u0629 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0644\u062d\u0642\u0646 \u0623\u0648\u0627\u0645\u0631 Cisco NX-OS\u060c \u0648\u0627\u0644\u062a\u064a \u064a\u062a\u0645 \u062a\u062a\u0628\u0639\u0647\u0627 \u0628\u0627\u0633\u0645 CVE-2024-20399\u060c \u0625\u0644\u0649 \u0643\u062a\u0627\u0644\u0648\u062c \u0627\u0644\u062b\u063a\u0631\u0627\u062a \u0627\u0644\u0623\u0645\u0646\u064a\u0629 \u0627\u0644\u0645\u0633\u062a\u063a\u0644\u0629 \u0627\u0644\u0645\u0639\u0631\u0648\u0641\u0629 (KEV).\n\n\u0647\u0630\u0627 \u0627\u0644\u0623\u0633\u0628\u0648\u0639\u060c \u0639\u0627\u0644\u062c\u062a \u0634\u0631\u0643\u0629 Cisco \u062b\u063a\u0631\u0629 \u064a\u0648\u0645 \u0627\u0644\u0635\u0641\u0631 \u0644\u0646\u0638\u0627\u0645 \u0627\u0644\u062a\u0634\u063a\u064a\u0644 NX-OS\u060c \u0648\u0627\u0644\u062a\u064a \u062a\u0645 \u062a\u062a\u0628\u0639\u0647\u0627 \u0628\u0627\u0633\u0645 CVE-2024-20399 (\u062f\u0631\u062c\u0629 CVSS 6.0)\u060c \u0648\u0627\u0644\u062a\u064a \u0627\u0633\u062a\u063a\u0644\u062a\u0647\u0627 \u0645\u062c\u0645\u0648\u0639\u0629 Velvet Ant \u0627\u0644\u0645\u0631\u062a\u0628\u0637\u0629 \u0628\u0627\u0644\u0635\u064a\u0646 \u0644\u0646\u0634\u0631 \u0628\u0631\u0627\u0645\u062c \u0636\u0627\u0631\u0629 \u063a\u064a\u0631 \u0645\u0639\u0631\u0648\u0641\u0629 \u0633\u0627\u0628\u0642\u064b\u0627 \u0643\u062c\u0630\u0631 \u0639\u0644\u0649 \u0627\u0644\u0645\u062d\u0648\u0644\u0627\u062a \u0627\u0644\u0636\u0639\u064a\u0641\u0629.\n\n#\u0643\u0634\u0641_\u0627\u0644\u062b\u063a\u0631\u0627\u062a_\u0627\u0644\u0627\u0645\u0646\u064a\u0629 \n#\u0642\u0646\u0627\u0629_\u0627\u0644\u0627\u0645\u0646_\u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a \n\n\ud83d\udcdd \u0627\u0641\u062a\u062d \u0627\u0644\u0631\u0627\u0628\u0637 \u0627\u0644\u062a\u0627\u0644\u064a \u0644\u0644\u0645\u062a\u0627\u0628\u0639\u0629\nhttps://tinyurl.com/4t3h2r46", "creation_timestamp": "2024-07-10T11:04:19.000000Z"}, {"uuid": "900c9383-48ed-4aa1-9613-d0666d02d9fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "seen", "source": "https://t.me/true_secator/5922", "content": "Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 0-day \u0432 NX-OS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Sygnia \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0431\u043e\u043b\u0435\u0435 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0435\u044f\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 APT, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a Velvet Ant.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, Velvet Ant \u043d\u0430 \u043f\u0440\u043e\u0442\u044f\u0436\u0435\u043d\u0438\u0438 \u043c\u043d\u043e\u0433\u0438\u0445 \u043b\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0430\u043b\u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438, \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044f\u00a0\u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0435 F5 BIG-IP, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442,\u00a0\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u043e\u0432 \u0434\u043b\u044f \u0440\u0435\u0442\u0440\u0430\u043d\u0441\u043b\u044f\u0446\u0438\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e-\u0434\u0438\u0441\u043f\u0435\u0442\u0447\u0435\u0440\u0441\u043a\u0438\u0445 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u04212.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Cisco NX-OS \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445, \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u043d\u0438\u043c, \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\nCVE-2024-20399 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root \u043d\u0430 \u0431\u0430\u0437\u043e\u0432\u044b\u0445 \u041e\u0421 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0435\u0440\u0435\u0434\u0430\u044e\u0442\u0441\u044f \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u043c CLI \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438. \u0415\u0439  \u043c\u043e\u0436\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f, \u0432\u043a\u043b\u044e\u0447\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b CLI \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\n\n\u0421\u043f\u0438\u0441\u043e\u043a \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e NX-OS: MDS 9000, Nexus 3000, Nexus 5500, Nexus 5600, Nexus 6000, Nexus 7000, \u0430 \u0442\u0430\u043a\u0436\u0435 Nexus 9000 \u0432 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 NX-OS.\n\n\u0421\u0442\u043e\u0438\u0442 \u043e\u0442\u043c\u0435\u0442\u0438\u0442\u044c, \u0447\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b, \u043d\u0435 \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u043e\u0433\u043e \u0436\u0443\u0440\u043d\u0430\u043b\u0430, \u0441\u043a\u0440\u044b\u0432\u0430\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0438 \u0432\u0437\u043b\u043e\u043c\u0430\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 NX-OS.\n\nCisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0442\u044c \u0438 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0435\u0442\u0438 \u0438 vdc-admin.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0443\u00a0Cisco Software Checker, \u0447\u0442\u043e\u0431\u044b \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0438\u0442\u044c, \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u043b\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0438\u0445 \u0441\u0435\u0442\u0438 \u0430\u0442\u0430\u043a\u0430\u043c, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-20399.", "creation_timestamp": "2024-07-02T13:15:36.000000Z"}, {"uuid": "7766aa90-6907-460d-ac02-281fb3e69561", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/thehackernews/5460", "content": "A China-linked threat group, Velvet Ant, has exploited a vulnerability (CVE-2024-20399) in Cisco switches as zero-day to gain control and evade detection. \n \nRead: https://thehackernews.com/2024/08/chinese-hackers-exploit-zero-day-cisco.html", "creation_timestamp": "2024-08-22T18:18:30.000000Z"}, {"uuid": "fdd5691d-8848-44f9-8c3c-4f8c26829202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/theninjaway1337/1656", "content": "Cisco NX-OS Zero-Day Command Injection Flaw Under Active Attack\n\nA critical vulnerability in the Command Line Interface (CLI) of\u00a0Cisco NX-OS\u00a0Software is currently under active exploitation, allowing attackers to execute arbitrary commands as root on affected devices.\n\nThis zero-day flaw, identified as CVE-2024-20399, poses a significant threat to network security, particularly for organizations utilizing Cisco\u2019s Nexus and MDS series switches.\n\nThe vulnerability arises from insufficient validation of arguments passed to specific configuration CLI commands.\n\nhttps://cybersecuritynews.com/cisco-nx-os-zero-day-flaw", "creation_timestamp": "2024-07-07T16:55:36.000000Z"}, {"uuid": "bd93619d-def1-46ff-b707-9aa2e04acd45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/xakep_ru/16046", "content": "Cisco \u043f\u0430\u0442\u0447\u0438\u0442 0-day \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 NX-OS, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 NX-OS, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0443\u044e \u0441 \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u043c\u0430\u043d\u0434. \u0415\u0449\u0435 \u0432 \u0430\u043f\u0440\u0435\u043b\u0435 \u044d\u0442\u043e\u0442 \u0431\u0430\u0433 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u041a\u0438\u0442\u0430\u0435\u043c \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0441\u043a\u0430\u044f \u0445\u0430\u043a-\u0433\u0440\u0443\u043f\u043f\u0430 Velvet Ant, \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u043c\u0430\u043b\u0432\u0430\u0440\u044c \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 root.\n\nhttps://xakep.ru/2024/07/02/cve-2024-20399/", "creation_timestamp": "2024-07-02T19:18:29.000000Z"}, {"uuid": "1f25478f-814b-43ce-8889-45b820adf907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/SecLabNews/15352", "content": "Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435 \u0430\u0442\u0430\u043a \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0445 \u0448\u043f\u0438\u043e\u043d\u043e\u0432\n\n\u23f1 Cisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 NX-OS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438. \u0410\u0442\u0430\u043a\u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u044e\u0442 \u0441 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u043e\u0439 \u0445\u0430\u043a\u0435\u0440\u0441\u043a\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u043e\u0439 Velvet Ant, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0437\u0438\u0440\u0443\u044e\u0449\u0435\u0439\u0441\u044f \u043d\u0430 \u0434\u043e\u043b\u0433\u043e\u0441\u0440\u043e\u0447\u043d\u043e\u043c \u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0435.\n\n\ud83d\udc68\u200d\ud83d\udcbb \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u043c Cisco Nexus. \u042d\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0438\u043c \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442\u044c \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0435 \u0440\u0430\u043d\u0435\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430.\n\n\ud83d\udee1 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2024-20399 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 root-\u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0431\u0435\u0437 \u0437\u0430\u043f\u0438\u0441\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0439 \u0436\u0443\u0440\u043d\u0430\u043b. Cisco \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u0433\u0443\u043b\u044f\u0440\u043d\u043e \u043c\u0435\u043d\u044f\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043d\u0430 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0430\u043c.\n\n#Cisco #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \n\n@ZerodayAlert", "creation_timestamp": "2024-07-02T12:08:27.000000Z"}, {"uuid": "ce7bc2a5-8563-4211-a408-d3c65046b8b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/CybNux/6555", "content": "\u0645\u062c\u0645\u0648\u0639\u0629 \u062a\u062c\u0633\u0633 \u0633\u064a\u0628\u0631\u0627\u0646\u064a \u0635\u064a\u0646\u064a\u0629 \u062a\u064f\u062f\u0639\u0649 \"Velvet Ant\" \u062a\u0645 \u0631\u0635\u062f\u0647\u0627 \u062a\u0633\u062a\u063a\u0644 \u062b\u063a\u0631\u0629 \u0623\u0645\u0646\u064a\u0629 \u0641\u064a \u0628\u0631\u0646\u0627\u0645\u062c Cisco NX-OS \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645 \u0641\u064a \u0627\u0644\u0633\u0648\u064a\u062a\u0634\u0627\u062a \u0644\u062a\u062b\u0628\u064a\u062a \u0628\u0631\u0645\u062c\u064a\u0627\u062a \u062e\u0628\u064a\u062b\u0629.\n\n\ud83d\udd12 \u0627\u0644\u062b\u063a\u0631\u0629 CVE-2024-20399:\n\n\u062f\u0631\u062c\u0629 \u0627\u0644\u062e\u0637\u0648\u0631\u0629: 6.0\n\u062a\u0633\u0645\u062d \u0628\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0643\u0640 root \u0639\u0644\u0649 \u0627\u0644\u062c\u0647\u0627\u0632 \u0627\u0644\u0645\u062a\u0623\u062b\u0631.\n\u062a\u062a\u0637\u0644\u0628 \u0648\u0635\u0648\u0644 \u0627\u0644\u0645\u0647\u0627\u062c\u0645 \u0625\u0644\u0649 \u0628\u064a\u0627\u0646\u0627\u062a \u0627\u0639\u062a\u0645\u0627\u062f \u0627\u0644\u0645\u0633\u0624\u0648\u0644.\n\ud83d\udee1 \u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u0645\u062a\u0623\u062b\u0631\u0629:\n\nNexus 3000, 5500, 5600, 6000, 7000, 9000.\nMDS 9000 Series.\n\ud83d\udca1 \u0645\u062c\u0645\u0648\u0639\u0629 \"Velvet Ant\":\n\n\u0627\u0633\u062a\u063a\u0644\u062a \u0627\u0644\u062b\u063a\u0631\u0629 \u0644\u062a\u0646\u0641\u064a\u0630 \u0628\u0631\u0645\u062c\u064a\u0627\u062a \u062e\u0628\u064a\u062b\u0629.\n\u062a\u0645\u0643\u0646\u062a \u0645\u0646 \u0627\u0644\u0627\u062a\u0635\u0627\u0644 \u0639\u0646 \u0628\u064f\u0639\u062f \u0628\u0627\u0644\u0623\u062c\u0647\u0632\u0629 \u0627\u0644\u0645\u062e\u062a\u0631\u0642\u0629 \u0648\u0631\u0641\u0639 \u0645\u0644\u0641\u0627\u062a \u0625\u0636\u0627\u0641\u064a\u0629.\n\n\n\u0645\u0631\u0627\u0642\u0628\u0629 \u0627\u062c\u0647\u0632\u0629 \u0627\u0644\u0634\u0628\u0643\u0629  \u0628\u0634\u0643\u0644 \u0623\u0641\u0636\u0644 \u0642\u062f \u062a\u0645\u0646\u0639 \u0647\u0630\u0647 \u0627\u0644\u0647\u062c\u0645\u0627\u062a.", "creation_timestamp": "2024-07-19T03:42:37.000000Z"}, {"uuid": "7549cc9e-f293-407f-9440-b62dac8c1951", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20399", "type": "exploited", "source": "https://t.me/InfoSecInsider/61", "content": "\u26a1\ufe0fChina-Nexus Group Velvet Ant Exploits Cisco Zero-Day (CVE-2024-20399).\n\n#CyberBulletin", "creation_timestamp": "2024-08-26T09:47:20.000000Z"}]}