Article Details

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility. Two now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center. The two critical-rated vulnerabilities in question are listed below - Successful exploitation of the flaws could enable an attacker to log in to the affected system with administrative privileges, and obtain log files that contain sensitive data, including credentials that can be used to access the API. That said, the vulnerabilities are only exploitable in scenarios where the utility is actively running. The shortcomings, which impact versions 2.0.0, 2.1.0, and 2.2.0, have since been patched by Cisco in September 2024. Version 2.3.0 of Cisco Smart License Utility is not susceptible to the two bugs. As of March 2025, threat actors have been observed attempting to actively exploit the two vulnerabilities, SANS Technology Institute's Dean of Research Johannes B. Ullrich said, adding the unidentified threat actors are also weaponizing other flaws, including what appears to be an information disclosure flaw (CVE-2024-0305, CVSS score: 5.3) in Guangzhou Yingke Electronic Technology Ncast. It's currently not known what the end goal of the campaign is, or who is behind it. In light of active abuse, it's imperative that users apply the necessary patches for optimal protection.