Latest Cyber Security News

You are here: Home / General Cyber Security News / Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
March 21, 2025

Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.

The two critical-rated vulnerabilities in question are listed below –

  • CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an affected system
  • CVE-2024-20440 (CVSS score: 9.8) – A vulnerability arising due to an excessively verbose debug log file that an attacker could exploit to access such files by means of a crafted HTTP request and obtain credentials that can be used to access the API

Successful exploitation of the flaws could enable an attacker to log in to the affected system with administrative privileges, and obtain log files that contain sensitive data, including credentials that can be used to access the API.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Cybersecurity

That said, the vulnerabilities are only exploitable in scenarios where the utility is actively running.

The shortcomings, which impact versions 2.0.0, 2.1.0, and 2.2.0, have since been patched by Cisco in September 2024. Version 2.3.0 of Cisco Smart License Utility is not susceptible to the two bugs.

As of March 2025, threat actors have been observed attempting to actively exploit the two vulnerabilities, SANS Technology Institute’s Dean of Research Johannes B. Ullrich said, adding the unidentified threat actors are also weaponizing other flaws, including what appears to be an information disclosure flaw (CVE-2024-0305, CVSS score: 5.3) in Guangzhou Yingke Electronic Technology Ncast.

It’s currently not known what the end goal of the campaign is, or who is behind it. In light of active abuse, it’s imperative that users apply the necessary patches for optimal protection.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.


Some parts of this article are sourced from:
thehackernews.com

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *