Critical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control

CVE-2024-20439 & CVE-2024-20440

Cisco has issued a security advisory warning organizations of multiple vulnerabilities in its Smart Licensing Utility (SLU) that could allow remote attackers to access sensitive information or gain administrative control. Two of these vulnerabilities, CVE-2024-20439 and CVE-2024-20440, have both been assigned a CVSS score of 9.8, placing them in the critical severity category.

  • CVE-2024-20439: Static Credential Vulnerability

This vulnerability permits unauthenticated, remote attackers to leverage an undocumented static administrative credential to gain unauthorized access to vulnerable systems. Upon successful exploitation, attackers could potentially acquire administrative privileges over the API, enabling them to execute malicious actions and compromise sensitive data.

  • CVE-2024-20440: Information Disclosure Vulnerability

This vulnerability arises due to excessive logging practices within a debug log file. Remote attackers can exploit this flaw by sending crafted HTTP requests to extract sensitive information, including credentials that may facilitate API access.

Cisco has released software updates designed to remediate these critical vulnerabilities. Organizations employing Cisco Smart Licensing Utility are strongly advised to prioritize the installation of these updates without delay to protect their systems from potential exploitation. The absence of workarounds necessitates prompt patching to ensure adequate security.

Cisco Smart License Utility Release First Fixed Release
2.0.0 Migrate to a fixed release.
2.1.0 Migrate to a fixed release.
2.2.0 Migrate to a fixed release.
2.3.0 Not vulnerable.

At present, there have been no public announcements or reports of malicious exploitation of these vulnerabilities. However, the potential for exploitation remains significant. The severity of these flaws, coupled with their relatively low barrier to exploitation, positions them as attractive targets for cybercriminals.

Related Posts: