Security Experts Warn of Active Exploitation of Cisco Smart Licensing Utility Vulnerabilities

Security experts are warning about the active exploitation of two recently patched vulnerabilities affecting Cisco Smart Licensing Utility. Cisco has disclosed two flaws: CVE-2024-20439, a backdoor with static credentials, and CVE-2024-20440, an information disclosure vulnerability. Attackers can exploit the backdoor to access sensitive log files. Initially, no active exploitation was observed, but attacks have since been detected.