Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below -

CVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account



Source: TheHackerNews
Source Link: https://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html