A security alert has been issued for organizations using Cisco’s Smart Licensing Utility (CSLU), a tool used primarily in smaller networks. The SANS Technology Institute warns that two serious vulnerabilities, identified as CVE-2024-20439 and CVE-2024-20440, must be patched immediately.
The first flaw, a hardcoded password backdoor, can be exploited to gain administrator privileges via the app’s API. The second vulnerability allows attackers to access sensitive data, including API credentials, through log files. Both flaws have a CVSS score of 9.8, making them equally critical.
CSLU versions 2.0.0, 2.1.0, and 2.2.0 are affected; version 2.3.0 contains the fix. This is not an isolated incident: Cisco has a history of similar flaws in other products, including Firepower Threat Defense, Emergency Responder, and Digital Network Architecture (DNA) Center.
The SANS Institute’s Dean of Research, Johannes Ullrich, noted that the vulnerabilities were “one of the many backdoors” shipped by Cisco. Organizations are therefore urged to update their software as soon as possible to prevent exploitation by attackers.
Source: https://www.networkworld.com/article/3851811/attackers-probing-backdoor-flaw-in-popular-cisco-smart-licensing-utility-warns-sans.html