CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-20439

Critical Severity
SVRS
84/100
CVSSv3
9.8/10
EPSS
0.8945/1

CVE-2024-20439: Cisco Smart Licensing Utility (CSLU) vulnerability allows remote attackers to gain administrative access using static credentials. This critical vulnerability, with a SOCRadar Vulnerability Risk Score (SVRS) of 84, requires immediate attention. CVE-2024-20439 stems from undocumented static user credentials for an administrative account in Cisco CSLU. Successful exploitation grants attackers full administrative rights over the CSLU application API. This means unauthorized access and control, potentially leading to significant data breaches and system compromise. Given its high SVRS and the existence of active exploits, patching this vulnerability is crucial. The presence of tags such as "In The Wild", "CISA KEV", and "Exploit Available" underscore the severity and active exploitation of this critical security flaw.

TAGS
In The Wild
CISA KEV
Exploit Available
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:N
S:U
C:H
I:H
A:H
PUBLICATION DATE2024-09-04
LAST MODIFIED2025-04-03

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
Cisco Smart Licensing Utility Static Credential Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2024-204392025-03-31
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated
Dr. Johannes B. Ullrich2025-03-20
SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS Stormcast Thursday Mar 20th: Cisco Smart Licensing Attacks; Vulnerable Drivers again; Synology Advisories Updated Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 CVE-2024-20440 Attackers added last September's Cisco Smart Licensing Utility vulnerability to their toolset. These attacks orginate most likely from botnets and the same attackers are scanning for a wide range of additional vulnerabilities. The
cyber
sans.edu
rss
forum
CISA Adds One Known Exploited Vulnerability to Catalog
CISA2025-05-01
CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its&nbsp;Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. <a class="fui-Link ___1q1shib f2hkw1w f3rmtva f1ewtqcl fyind8e f1k6fduh f1w7gpdv fk6fouc fjoy568 figsok6 f1s184ao f1mk8lai fnbmjn9 f1o700av f13mvf36 f1cmlufx f9n3di6 f1ids18y f1tx3yz7 f1deo86v f1eh06m1 f1iescvh fhgqx19 f1olyrje f1p93eir f1nev41a f1h8hb77 f1lqvz6u f10aw75t fsle3fq f17ae5zn" href="https://www.cve.org/CVERecord?id=CVE-2024-20439" rel="noreferrer noopener" target="_blank" title
us-cert.gov
rss
forum
news
Tageszusammenfassung - 21.03.2025
CERT.at2025-05-01
Tageszusammenfassung - 21.03.2025 | End-of-Day report Timeframe: Donnerstag 20-03-2025 18:00 - Freitag 21-03-2025 18:00 Handler: Felician Fuchs Co-Handler: Michael Schlagenhaufer News Angreifer machen sich an Hintertür in Cisco Smart Licensing Utility zu schaffen Wie Sicherheitsforscher berichten, fangen Angreifer derzeit an, zwei Schwachstellen in Cisco Smart Licensing Utility auszunutzen. Darüber verschaffen sie sich Zugang mit Adminrechten. Sicherheitspatches sind schon länger verfügbar. [..] Die -kritischen- Lücken (CVE-2024-20439, CVE-2024-20440) sind seit Anfang September 2024 bekannt. <
cert.at
rss
forum
news
Data Breaches Digest - Week 14 2025
Dunkie ([email protected])2025-05-01
Data Breaches Digest - Week 14 2025 | Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 31st March and 6th April 2025. 6th April <br
dbdigest.com
rss
forum
news
Cisco CVE-2024-20439: Exploitation Attempts Target Smart Licensing Utility Backdoor
Dhara Shrivastava ([email protected])2025-04-09
Cisco CVE-2024-20439: Exploitation Attempts Target Smart Licensing Utility Backdoor | &nbsp;A critical vulnerability tracked as CVE-2024-20439 has placed Cisco’s Smart Licensing Utility (CSLU) in the spotlight after cybersecurity researchers observed active exploitation attempts. The flaw, which involves an undocumented static
blogger.com
rss
forum
news
🔥𝐓𝐨𝐝𝐚𝐲'𝐬 𝐏𝐚𝐭𝐜𝐡 𝐓𝐮𝐞𝐬𝐝𝐚𝐲 𝐨𝐯𝐞𝐫𝐯𝐢𝐞𝐰
Mike (Action1)2025-04-08
🔥𝐓𝐨𝐝𝐚𝐲'𝐬 𝐏𝐚𝐭𝐜𝐡 𝐓𝐮𝐞𝐬𝐝𝐚𝐲 𝐨𝐯𝐞𝐫𝐯𝐢𝐞𝐰 | This month, Microsoft has fixed 𝟏𝟐𝟏 𝐯𝐮𝐥𝐧𝐞𝐫𝐚𝐛𝐢𝐥𝐢𝐭𝐢𝐞𝐬, including 𝐨𝐧𝐞 𝐳𝐞𝐫𝐨-𝐝𝐚𝐲, 𝟏𝟏 𝐚𝐫𝐞 𝐜𝐫𝐢𝐭𝐢𝐜𝐚𝐥.⁣ ⁣ 𝐓𝐡𝐢𝐫𝐝-𝐩𝐚𝐫𝐭𝐲: web browsers, WinRAR, Apple, Linux Bootloaders, Splunk. Next.js, VMware Tools, NGINX Ingress, Veeam, Cisco, Apache Tomcat, and Fortinet.⁣ ⁣ Navigate to Vulnerability Digest from Action1 for a 𝐜𝐨𝐦𝐩𝐫𝐞𝐡𝐞𝐧𝐬𝐢𝐯𝐞 𝐬𝐮𝐦𝐦𝐚𝐫𝐲 𝐮𝐩𝐝𝐚𝐭𝐞𝐝 𝐢𝐧 𝐫𝐞𝐚𝐥-𝐭𝐢𝐦𝐞.<
spiceworks.com
rss
forum
news
7th April – Threat Intelligence Report - Check Point Software
2025-04-07
7th April – Threat Intelligence Report - Check Point Software | News Content: For the latest discoveries in cyber research for the week of 7th April, please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The second-largest bar association in the US, The State Bar of Texas, has experienced a ransomware attack that resulted in unauthorized access to its network, exposing sensitive member information including full names and legal case documents. The INC ransomware gang claimed responsibility for the attack and has already leaked samples of stolen files. Check Point Threat Emulation provides protection against this threat (Ransomware.Wins.INC) Port of Seattle
google.com
rss
forum
news

Social Media

Cisco CVE-2024-20439: Exploitation Attempts Target Smart Licensing Utility Backdoor https://t.co/mQfkfJOFKV #backdoorvulnerability #Cisco #CiscoSecurity https://t.co/VSfGXyupOZ
0
1
0
CVE-2024-20439 - Cisco Smart Licensing Utility static credential vulnerability https://t.co/6XYbHFWWzy https://t.co/KG3tDK91Mg
0
0
0
CVE-2024-20439 - Cisco Smart Licensing Utility static credential vulnerability https://t.co/hvwTc5EfET https://t.co/m7otiUwCas
0
0
0
Advice for CVE-2024-20439 (cont.) - Immediately identify if any instances of CSLU versions 2.0.0, 2.1.0, or 2.2.0 ar... - Apply the patch to upgrade all affected CSLU instances to version 2.3.0 as soon ... Get Fletch for updated advice: https://t.co/y14Brx84pP (3/3)
0
0
0
攻撃者は Cisco Smart Licensing Utility の静的管理者認証情報を悪用しています (CVE-2024-20439) Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) #HelpNetSecurity (Apr 3) https://t.co/jovmNIhYTC
0
0
0
CVE-2024-20439 - Cisco Smart Licensing Utility static credential vulnerability https://t.co/npf49HTjAn https://t.co/DkSDAYTEco
0
0
0
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) https://t.co/eEUZKPMssy
0
0
0
RT @helpnetsecurity: Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) - https://t.co/8cdqbQ…
0
2
0
[HelpNet] Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439). CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers in the wild, CISA has... https://t.co/blyBbJFax1
0
0
0
Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) - https://t.co/8cdqbQd6Nd - @Cisco @CISAgov @johullrich @SANS_EDU - #CVE #vulnerability #Cisco #CyberSecurity #netsec #security #InfoSecurity #CISO #ITsecurity #CyberSecurityNews https://t.co/6MssmK6I2q
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
[email protected]https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
[email protected]https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw
CISCO-SA-CSLU-7GHMZWMWhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw

CWE Details

CWE IDCWE NameDescription
CWE-912Hidden FunctionalityThe software contains functionality that is not documented, not part of the specification, and not accessible through an interface or command sequence that is obvious to the software's users or administrators.
CWE-798Use of Hard-coded CredentialsThe software contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence