Cisco has released patches for several series of Nexus switches to fix a vulnerability that could allow attackers to hide the use of bash commands in the underlying operating system.
Although the flaw is rated as moderate because it requires administrative credentials to exploit, it has been exploited in the wild since April, showing that attackers don’t just understand critical or high-risk bugs.
Tracked as CVE-2024-20399, the flaw is caused by insufficient validation of arguments passed to configuration commands in the NX-OS software command-line interface that powers various Cisco switch series: MDS 9000 Series Multilayer Switches, Nexus 3000 Series Switches, Platform Switches for Nexus 5500, Nexus 5600 Platform Switch, Nexus 6000 Series Switch, Nexus 7000 Series Switch and Nexus 9000 Series Switch in NX-OS standalone mode.
Source link