Security News > 2025 > March > Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
2025-03-21 05:09

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below -  CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an


News URL

https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-09-04 CVE-2024-20439 Use of Hard-coded Credentials vulnerability in Cisco Smart License Utility 2.0.0/2.1.0/2.2.0
A vulnerability in Cisco Smart Licensing Utility (CSLU) could allow an unauthenticated, remote attacker to log into an affected system by using a static administrative credential. This vulnerability is due to an undocumented static user credential for an administrative account.
network
low complexity
cisco CWE-798
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2048 21 1790 1684 288 3783