Critical Vulnerabilities in Cisco Smart Licensing Utility Being Exploited

Two critical vulnerabilities in Cisco Smart Licensing Utility are currently being exploited, according to the SANS Internet Storm Center. The vulnerabilities in question are CVE-2024-20439 (CVSS score: 9.8), which involves the presence of an undocumented static user identifier for an administrative account that an attacker could exploit to log in. Ongoing attacks are targeting these flaws to gain access to systems.