

Ethical Hacking News

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility: A Threat to Network Security


Two critical-rated vulnerabilities in Cisco Smart Licensing Utility are being actively exploited by threat actors, with multiple exploits detected. Apply necessary patches immediately to prevent potential breaches.

  • Cisco Smart Licensing Utility has two critical-rated vulnerabilities being actively exploited by threat actors (CVE-2024-20439 and CVE-2024-20440).
  • Vulnerabilities carry a CVSS score of 9.8 and can be exploited through undocumented static user credentials or an excessively verbose debug log file.
  • Users should upgrade to a patched release of the utility, such as version 2.3.0, which is not susceptible to either bug.
  • Other known flaws are also being weaponized, including CVE-2024-0305 in Guangzhou Yingke Electronic Technology Ncast.
  • Organizations should exercise extreme caution and keep software regularly updated and patched to stay protected against emerging threats.



    Two critical-rated vulnerabilities in the Cisco Smart Licensing Utility are being actively exploited by threat actors. The first vulnerability, identified as CVE-2024-20439, is an undocumented static user credential for an administrative account that attackers can use to log into affected systems. This flaw carries a CVSS score of 9.8 and has been reported by SANS Internet Storm Center.

    Similarly, the second vulnerability, known as CVE-2024-20440, arises from an excessively verbose debug log file that can be accessed by attackers through crafted HTTP requests, allowing them to obtain credentials for API access. This flaw also carries a CVSS score of 9.8 and is being actively exploited by threat actors.

    It is worth noting that the two vulnerabilities are only exploitable in scenarios where the Cisco Smart Licensing Utility is actively running. However, the fact that they have already been discovered and are being actively exploited highlights the importance of keeping software up to date with the latest patches.

    Fortunately, Cisco has taken steps to address these vulnerabilities by releasing patched versions of the utility, including version 2.3.0 which is not susceptible to the two bugs. However, it is imperative that users apply the necessary patches for optimal protection in light of active abuse.

    Moreover, threat actors are also weaponizing other known flaws, including an information disclosure flaw (CVE-2024-0305) in Guangzhou Yingke Electronic Technology Ncast. It's currently not known what the end goal of the campaign is, or who is behind it. However, the fact that multiple vulnerabilities are being exploited at once underscores the complexity and sophistication of modern cybersecurity threats.

    In light of this ongoing threat, users and organizations are advised to exercise extreme caution when dealing with vulnerable software systems. Regularly applying software updates and patches can help prevent exploitation of known flaws like CVE-2024-20439 and CVE-2024-20440. Furthermore, implementing robust network security measures and threat detection systems can provide an additional layer of protection against these types of attacks.


    Related Information:
  • https://www.ethicalhackingnews.com/articles/Ongoing-Cyber-Attacks-Exploit-Critical-Vulnerabilities-in-Cisco-Smart-Licensing-Utility-A-Threat-to-Network-Security-ehn.shtml

  • https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html

  • https://cybersecuritynews.com/hackers-exploiting-multiple-cisco-smart-licensing/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-20439

  • https://www.cvedetails.com/cve/CVE-2024-20439/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-20440

  • https://www.cvedetails.com/cve/CVE-2024-20440/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-0305

  • https://www.cvedetails.com/cve/CVE-2024-0305/


  • Published: Fri Mar 21 01:26:53 2025 by llama3.2 3B Q4_K_M












