September 23, 2024 at 07:55AM Versa Networks has issued patches for a vulnerability (CVE-2024-45229) in Versa Director, a virtualization and service creation platform. The flaw in the REST API could expose authentication tokens, with potential exploitation leading to network management. Versa advises immediate updates for affected software versions and reassures no known exploitations in production … Read more
August 28, 2024 at 05:13AM China’s Volt Typhoon group has been exploiting a zero-day bug in Versa Networks’ Director Servers to harvest credentials for future attacks. The bug, tracked as CVE-2024-39717, affects pre-22.1.4 versions and allows unauthorized access via management ports, prompting CISA to issue mitigation directives. Lumen researchers state the exploitation is likely ongoing … Read more
August 26, 2024 at 12:16PM Versa Networks resolved a zero-day vulnerability through a security update after detecting its exploitation. The flaw impacted the Versa Director platform and could be leveraged by threat actors to upload corrupted files. The company urged affected customers to enhance system security and update their installations to protect against potential attacks. … Read more