- AI agents bring big risks and rewards for daring early adopters, says Forrester
- Simplify and Scale Security With Cisco Hybrid Mesh Firewall
- AMD targets hosting providers with affordable EPYC 4005 processors
- Why enterprise architecture needs a new playbook
- Tech leaders are rushing to deploy agentic AI, study shows
Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS
Backdoor secrecy
The hardcoded password flaw, identified as CVE-2024-20439, could be exploited to achieve administrator privileges via the app’s API. The second flaw, CVE-2024-20440, could allow an attacker to obtain log files containing sensitive data such as API credentials.
With both given an identical CVSS score of 9.8, it’s a toss-up as to which is the worst of the two. However, the vulnerabilities could clearly be used together in ways that amplify their danger, making patching even more imperative. The affected versions of CSLU are 2.0.0, 2.1.0, and 2.2.0; version 2.3.0 is the patched version.
CSLU is a recent product, so one might have expected it to be better secured. That said, Cisco has a history of this type of flaw, with hardcoded credentials being discovered in Cisco Firepower Threat Defense, Emergency Responder, and further back in Digital Network Architecture (DNA) Center, to name only some of the affected products.
As Ullrich of the SANS wrote rather sarcastically in the organization’s new warning: “The first one [CVE-2024-20439] is one of the many backdoors Cisco likes to equip its products with.”
