Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS

Backdoor secrecy
The hardcoded password flaw, identified as CVE-2024-20439, could be exploited to achieve administrator privileges via the app’s API. The second flaw, CVE-2024-20440, could allow an attacker to obtain log files containing sensitive data such as API credentials.
With both given an identical CVSS score of 9.8, it’s a toss-up as to which is the worse of the two. However, the vulnerabilities could clearly be used together in ways that amplify their danger, making patching even more imperative. The affected versions of CSLU are 2.0.0, 2.1.0, and 2.2.0; version 2.3.0 is the patched version.
CSLU is a recent product, so one might have expected it to be better secured. That said, Cisco has a history of this type of flaw, with hardcoded credentials being discovered in Cisco Firepower Threat Defense, Emergency Responder, and further back in Digital Network Architecture (DNA) Center, to name only some of the affected products.
As Ullrich of SANS wrote rather sarcastically in the organization’s new warning: “The first one [CVE-2024-20439] is one of the many backdoors Cisco likes to equip its products with.”