Attackers probing backdoor flaw in popular Cisco Smart Licensing Utility, warns SANS

Backdoor secrecy
The hardcoded password flaw, identified as CVE-2024-20439, could be exploited to achieve administrator privileges via the app’s API. The second flaw, CVE-2024-20440, could allow an attacker to obtain log files containing sensitive data such as API credentials.
With both given an identical CVSS score of 9.8, it’s a toss-up as to which is the worse of the two. However, the vulnerabilities could clearly be used together in ways that amplify their danger, making patching even more imperative. The affected versions of CSLU are 2.0.0, 2.1.0, and 2.2.0; version 2.3.0 is the patched version.
CSLU is a recent product, so one might have expected it to be better secured. That said, Cisco has a history of this type of flaw, with hardcoded credentials being discovered in Cisco Firepower Threat Defense, Emergency Responder, and further back in Digital Network Architecture (DNA) Center, to name only some of the affected products.
As Ullrich of SANS wrote rather sarcastically in the organization’s new warning: “The first one [CVE-2024-20439] is one of the many backdoors Cisco likes to equip its products with.”