Salt Typhoon: An Analysis of Vulnerabilities Exploited by this State-Sponsored Actor

**Executive Summary:** Tenable Research examines Salt Typhoon, a PRC-affiliated APT that breached at least nine U.S. telecommunications companies in 2024, detailing exploited high-severity CVEs (e.g., CVE-2021-26855, CVE-2022-3236, CVE-2023-48788, CVE-2024-21887, CVE-2023-46805), post-compromise malware and persistence techniques, and providing detection and mitigation guidance including patching, hardening Cisco devices, and Tenable scanning recommendations.