MassLogger Malware – Active IOCs

September 26, 2024

Amadey Botnet – Active IOCs

September 27, 2024

CVE-2024-20350 – Cisco Catalyst Center Vulnerability

September 26, 2024

Severity

High

Analysis Summary

CVE-2024-20350

Cisco Catalyst Center could allow a remote attacker to bypass security restrictions, caused by the presence of a static SSH host key. By utilizing machine-in-the-middle attack techniques on SSH connections, an attacker could exploit this vulnerability to impersonate the affected appliance, inject commands into the terminal session, and steal valid user credentials.

Impact

Security Bypass

Indicators of Compromise

CVE

CVE-2024-20350

Affected Vendors

Cisco

Affected Products

Cisco Catalyst Center
Cisco Digital Network Architecture Center (DNA Center) - 1.4.0.0 - 2.1.1.0 - 2.1.1.3 - 2.1.2.0 - 2.1.2.3 - 2.1.2.4 - 2.1.2.5 - 2.2.1.0 - 2.1.2.6 - 2.2.2.0 - 2.2.2.1 - 2.2.2.3 - 2.1.2.7 - 2.2.1.3 - 2.2.3.0 - 2.2.2.4 - 2.2.2.5 - 2.2.3.3 - 2.2.2.7 - 2.2.2.

Remediation

Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.

Cisco Security Advisory

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

CoinMiner Malware – Active IOCs

Google Warns of Active Exploits Targeting Chrome V8 Vulnerability

CVE-2025-6554 – Google Chrome Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us