#CVE202420440

Cisco’s Smart Licensing Utility flaws suggest it’s pretty dumb on security

September 5, 2024 by Xynik

September 5, 2024 at 02:22PM Cisco’s Smart Licensing Utility has critical vulnerabilities, allowing remote attackers to access sensitive data and administer services without authentication. The flaws, rated 9.8/10 in severity, lack workarounds and are fixed through software updates. Customers are urged to patch immediately, ensuring legitimate software access. No known malicious activity has been reported. … Read more

Cisco Patches Critical Vulnerabilities in Smart Licensing Utility

September 5, 2024 by Xynik

September 5, 2024 at 08:55AM Cisco announced patches for multiple vulnerabilities, including two critical flaws in Smart Licensing Utility and a medium-severity Identity Services Engine flaw, with existing proof-of-concept code. The Smart Licensing bugs could allow remote unauthenticated access or logins, and Cisco advises migrating to version 2.3.0. Additionally, patches were announced for other high … Read more