The Download
Cisco identified several high-severity vulnerabilities in its NX-OS software, which could allow unauthorized attackers to gain elevated privileges and execute commands remotely. The most severe flaw, CVE-2024-20446 impacts the DHCPv7 relay agent in NX-OS found in Cisco Nexus 3000 and 7000 series network switches. The flaw, found in the NX-API feature, could be exploited by attackers sending specially crafted HTTP requests. Although Cisco has not observed active exploitation, the vulnerability impacts a wide range of Cisco products. Exploitation could lead to denial of service attacks against the Cisco switches affecting network uptime.
What You Can Do
Cisco released a patch to address the denial of service vulnerability. As always you should understand the inventory of assets on your networks and their vulnerability to attack. Use ThreatMate vulnerability discovery scans to learn what devices are on your client networks, what their vulnerability to attack is, and then apply patches and mitigations in accordance with ThreatMate mission plans.
To Learn More: