CVE-2024-20439 - Cisco Smart Licensing Utility Static Credential Vulnerability
项目:Cisco
产品:Smart Licensing Utility
添加日期:2025-03-31到期日:2025-04-21最后更新:June 21, 2025
漏洞名称
Cisco Smart Licensing Utility Static Credential Vulnerability
描述
Cisco Smart Licensing Utility contains a static credential vulnerability that allows an unauthenticated, remote attacker to log in to an affected system and gain administrative credentials.
已知用于勒索软件活动吗?
Unknown
采集行动
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
其他说明
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
https://nvd.nist.gov/vuln/detail/CVE-2024-20439
相关新闻文章
Cisco Webex bug lets hackers gain code execution via meeting linksApril 18, 2025
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439)April 3, 2025
Cisco warns of CSLU backdoor admin account used in attacksApril 2, 2025