Researcher Details Cisco Smart Licensing that Lets Attacker Control Device

A critical vulnerability, known as CVE-2024-20439, has been found in Cisco’s Smart Licensing Utility. Discovered by an independent researcher, the vulnerability involves a hardcoded static password, potentially allowing attackers unauthorized access to affected devices. Security risks are considerable for organizations using Cisco’s licensing systems, and they are encouraged to update their software to version 2.3.0 or later in order to mitigate this risk.