China’s Volt Typhoon Exploits 0-day in Versa’s SD-WAN Director Servers

August 28, 2024 at 05:13AM
China’s Volt Typhoon group has been exploiting a zero-day bug in Versa Networks’ Director Servers to harvest credentials for future attacks. The bug, tracked as CVE-2024-39717, affects pre-22.1.4 versions and allows unauthorized access via management ports, prompting CISA to issue mitigation directives. Lumen researchers state the exploitation is likely ongoing …

Volt Typhoon suspected of exploiting Versa SD-WAN bug since June

August 27, 2024 at 01:38PM
China’s Volt Typhoon exploited a critical bug affecting Versa’s SD-WAN customers using Versa Director, planting custom web shells to harvest credentials on networks. Lumen Technologies linked this to the new malware, VersaMem. Versa has issued a patch and recommends that customers upgrade, but the vulnerability was already exploited, attributed to …

Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs

August 27, 2024 at 10:05AM
Chinese hacking group Volt Typhoon exploited a zero-day vulnerability in Versa Director to upload a destructive webshell, allowing them to steal credentials and breach corporate networks. Versa has released an advisory outlining impacted versions and the recommended upgrade to fix the issue. Lumen’s Black Lotus Labs identified the exploit and …

CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September

August 24, 2024 at 03:42AM
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a medium-severity vulnerability, CVE-2024-39717, impacting Versa Director to its Known Exploited Vulnerabilities catalog. Threat actors could upload a malicious file through the “Change Favicon” feature. Agencies are advised to apply vendor-provided fixes by September 13, 2024. CISA also highlighted other …