Ongoing intrusions leveraging the critical static credential backdoor flaw impacting the Cisco Smart Licensing Utility, tracked as CVE-2024-20439, have prompted the bug's inclusion in the Cybersecurity and Infrastructure Security Agency's Known Exploited Vulnerability catalog, with federal agencies urged to apply remediations by Apr. 21, Security Affairs reports.
Following Cisco's disclosure of the vulnerability and another critical Smart Licensing Utility information disclosure issue, tracked as CVE-2024-20440, which could be leveraged to compromise sensitive information, both security issues were reported by SANS Internet Storm Center to have been used in ongoing intrusions, with SANS not only detailing the connection between both flaws but also the potential targeting of the DVR bug, tracked as CVE-2024-0305. "Using the first vulnerability, an attacker may access the log file. A quick search didnt show any active exploitation, but details, including the backdoor credentials, were published in a blog by Nicholas Starke shortly after Cisco released its advisory," said the SANS advisory.
