{"vulnerability": "CVE-2024-20439", "sightings": [{"uuid": "7ad6c5d8-9d18-4ecf-8815-42403ed23931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/817", "content": "\u26a1\ufe0fAnalysis of CVE-2024-20439 in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T11:30:54.000000Z"}, {"uuid": "9d8a7e86-165e-4bd0-99ca-13c2f62a8540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/551", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-05T07:07:50.000000Z"}, {"uuid": "f2266050-8c57-461b-9e08-773f56c95656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/878", "content": "\u26a1\ufe0fResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T09:29:54.000000Z"}, {"uuid": "7fd150ce-4f12-4342-9492-be6bda657fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/ejwuLqTxrHD_r3-5w6M_okMyZGnazaXxkG5LywhZwTAfiQ", "content": "", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "e16365d4-ecad-4bca-a4b5-5f759616ccea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4491", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T13:30:44.000000Z"}, {"uuid": "a80cadfd-5433-4d70-acc4-73131fcc7cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3959", "content": "The Hacker News\nCisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "8ba6f099-dd64-48a5-98d2-e8bdf49be1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/KomunitiSiber/2515", "content": "Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\nhttps://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T09:22:17.000000Z"}, {"uuid": "b3eace8f-2fe1-4ff3-bab0-04c5b60a4c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/true_secator/6864", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 SANS \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Cisco Smart Licensing Utility, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043a\u0430\u043a CVE-2024-20439 \u0438 CVE-2024-20440.\u00a0\n\nSmart Licensing Utility \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 Cisco \u0432  \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0441 \u043d\u0430\u0447\u0430\u043b\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u0442\u043e\u0433\u0434\u0430 \u0436\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043e \u041f\u041e.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f CVE-2024-20439 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u0447\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 Cisco.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 SANS \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043f\u0435\u0440\u0432\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e CVE-2024-20439 - \u044d\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0431\u044d\u043a\u0434\u043e\u0440, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u041f\u041e \u0447\u0435\u0440\u0435\u0437 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, CVE-2024-20440 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0444\u0430\u0439\u043b\u043e\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u00ab\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0434\u043e\u043b\u0436\u0435\u043d\u00bb, \u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445, \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 SANS Honeypots, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c Cisco Smart Licensing Utility.\n\n\u041d\u0435\u044f\u0441\u043d\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0446\u0435\u043b\u044c \u043f\u0440\u0435\u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043d\u043e \u0432 SANS \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0442\u043e\u0442 \u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0442\u0438\u043f\u044b \u0441\u0438\u0441\u0442\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439.\n\n\u0412 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 Cisco\u00a0\u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c CVE-2024-20439 \u0438 CVE-2024-20440 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0438\u0445 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u044c Cisco \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u044d\u0442\u043e \u0441\u0441\u044b\u043b\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u0432\u0448\u0438\u0445 \u0432 \u0430\u0434\u0440\u0435\u0441 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2025-03-21T12:50:04.000000Z"}, {"uuid": "89db1541-74c2-4fea-a10e-f7b49d9cce1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/true_secator/6171", "content": "Cisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u044f\u0432\u043d\u043e \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f.\n\n\u0412\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0432 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 Cisco Identity Services Engine (ISE) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c PoC.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442\u00a0\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u0445 CLI \u0432 ISE \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421 \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\nCVE-2024-20469 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Cisco, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u044d\u0442\u043e\u0433\u043e \u0435\u0449\u0435 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b.\n\n\u0412\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, Cisco \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440-\u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u00a0\u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 Smart Licensing Utility \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCSLU - \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0445 \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c\u0443 \u0440\u0435\u0448\u0435\u043d\u0438\u044e Cisco Smart Software Manager.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2024-20439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 API \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Cisco Smart Licensing Utility.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CLSU (CVE-2024-20440).\n\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 API), \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0415\u0441\u043b\u0438 \u0432\u0441\u0435 \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c (\u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430), \u0442\u043e \u0441\u0430\u0439\u0442 Cisco Merchandise Store \u043f\u043e \u043f\u0440\u043e\u0434\u0430\u0436\u0435 \u0442\u043e\u0432\u0430\u0440\u043e\u0432 \u0441 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0436\u0438\u043b \u0430\u0442\u0430\u043a\u0443 CosmicSting (CVE-2024-34102) \u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0418\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c \u0431\u044b\u043b \u0432\u0437\u043b\u043e\u043c\u0430\u043d \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u043a\u043e\u0434 JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0430\u043b \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u0438 \u0437\u0430\u043a\u0430\u0437\u0430. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u0437\u043b\u043e\u043c \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0432 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435.\n\n\u0421\u0430\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442.", "creation_timestamp": "2024-09-05T15:19:45.000000Z"}, {"uuid": "75fcc24a-770c-4f10-bc44-27f7e53f91c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/thehackernews/6530", "content": "\ud83d\udd25 Hardcoded admin logins. Leaky debug logs. Cisco Smart Licensing Utility is under fire.\n\nHackers are actively exploiting CVE-2024-20439 & CVE-2024-20440\u2014both rated 9.8.\n\nAccess to admin creds & APIs is on the line.\n\nSee the full story \ud83d\udc49 https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html", "creation_timestamp": "2025-03-21T06:15:07.000000Z"}, {"uuid": "d629ff98-6511-4d99-a716-3de90c3e88b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9147", "content": "StarkeBlog - CVE Wednesday - CVE-2024-20439\n\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-22T08:43:59.000000Z"}, {"uuid": "02126f5f-6877-4568-bd41-c709c18692d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/25756", "content": "\u26a1\ufe0fResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T11:01:54.000000Z"}, {"uuid": "0d808377-211a-4153-8a0f-0e65769bdcf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llp4rrjr4h2e", "content": "", "creation_timestamp": "2025-03-31T19:47:09.820080Z"}, {"uuid": "68490219-ab29-41fa-a8a0-a6c02eb22a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llpbxocxok22", "content": "", "creation_timestamp": "2025-03-31T21:19:56.363486Z"}, {"uuid": "6082eff7-e020-40d6-bcd0-cf6f420fb44d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114212158674507923", "content": "", "creation_timestamp": "2025-03-23T14:14:06.526992Z"}, {"uuid": "6529cbba-a42f-4acc-89a8-a4042ee6c6a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6yo3watiy2", "content": "", "creation_timestamp": "2025-03-25T09:52:43.076439Z"}, {"uuid": "63b6b753-d791-4c0c-9c5c-f11ad04180db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6qzvgzsmi2", "content": "", "creation_timestamp": "2025-03-25T07:35:18.089999Z"}, {"uuid": "bc5aa522-ae5e-4bb0-98d7-8dd47a42f1d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llpjjhukl52g", "content": "", "creation_timestamp": "2025-03-31T23:35:09.255563Z"}, {"uuid": "3a61ccf7-0d07-400a-8727-7e11a13bb27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "4c517d1e-191d-4ece-9732-8f227ea49e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "56edd2ff-292b-42e1-93ad-a9d54811dd4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "4f4edf4f-5758-4038-96d5-750665bc1d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14184", "content": "\u200aResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility\n\nhttps://securityonline.info/researcher-details-cve-2024-20439-cvss-9-8-flaw-in-cisco-smart-licensing-utility/", "creation_timestamp": "2024-09-24T10:52:18.000000Z"}, {"uuid": "bba534d2-5d3f-4178-a84b-2c484a6b5042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9265", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-20439\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.\n\nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.\n\ud83d\udccf Published: 2024-09-04T16:28:39.669Z\n\ud83d\udccf Modified: 2025-03-28T03:55:49.443Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw", "creation_timestamp": "2025-03-28T04:29:58.000000Z"}, {"uuid": "6d6c38f0-c02b-4a19-818b-6fcaac40cc09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/claytechsolution/266", "content": "The Hacker News\nOngoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility\n\nTwo now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.\nThe two critical-rated vulnerabilities in question are listed below - \n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an", "creation_timestamp": "2025-03-21T09:01:37.000000Z"}, {"uuid": "b373f5f8-7184-47f0-9f26-565c9ef2066c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/w7UA3BpYxIqL4T-o5IOdMJaNhGZ0ZmWdYhkbiw8oLP-yWQ", "content": "", "creation_timestamp": "2024-09-05T07:50:52.000000Z"}, {"uuid": "4715edf7-fae8-42ee-8163-05c80fcd91cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/InfoSecInsider/23673", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:33.000000Z"}, {"uuid": "1cb7e850-fe94-423d-9218-33319b152781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/Pv_1_Yirmz44llZl3vJApgG_6NanniLXxKCtgiGXtFReH0M", "content": "", "creation_timestamp": "2025-03-24T13:08:31.000000Z"}, {"uuid": "3bdce62b-ae76-4acd-aa7d-0ad3c79002eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/ctinow/232538", "content": "Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440, (Wed, Mar 19th)\nhttps://ift.tt/5VlTcb3", "creation_timestamp": "2025-03-19T16:29:20.000000Z"}, {"uuid": "ac4ae222-cc30-42bf-9b06-cb0f916c02d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11189", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T22:02:36.000000Z"}, {"uuid": "189d4f3f-565f-48f2-8127-ceca9f62f1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-10-18T12:36:14.810430Z"}, {"uuid": "3e197b9d-05f1-4f86-a465-882bcd877ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3llpjyeiatr2p", "content": "", "creation_timestamp": "2025-03-31T23:43:28.945356Z"}, {"uuid": "68c65d87-0830-4dcc-bbb6-f1f6a8028fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llpwvee35k24", "content": "", "creation_timestamp": "2025-04-01T03:34:28.641012Z"}, {"uuid": "702202b4-e000-4382-8e5c-3d9fc4000ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3694506", "content": "", "creation_timestamp": "2025-03-31T22:13:05.776380Z"}, {"uuid": "fcd48745-df59-439f-83e1-2408ccd6da72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3694506", "content": "", "creation_timestamp": "2025-03-31T22:13:05.794558Z"}, {"uuid": "2faa1922-b7b0-4087-b2ee-9a5f615dcb44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ll4vsryny52t", "content": "", "creation_timestamp": "2025-03-24T13:54:31.820586Z"}, {"uuid": "f6df6d6d-0ec0-4a53-bc99-ddc48bf08f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/sansisc.bsky.social/post/3lkqc7obl6t2k", "content": "", "creation_timestamp": "2025-03-19T13:31:52.632604Z"}, {"uuid": "cec6166c-fc59-4754-96be-76358609e617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llb7xzhp2ap2", "content": "", "creation_timestamp": "2025-03-26T07:12:28.173271Z"}, {"uuid": "b80474b5-3af0-4dc6-a1e4-7e07c7a3bd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llbdzwm7v6n2", "content": "", "creation_timestamp": "2025-03-26T08:26:52.393137Z"}, {"uuid": "5d453fb5-d8a2-4c18-b989-5e28f2388243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkslt3vgm22x", "content": "", "creation_timestamp": "2025-03-20T11:29:07.418647Z"}, {"uuid": "40b60985-e8af-4e5f-8bf3-5b0fd9f61c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://threatintel.cc/2025/03/24/ongoing-cyber-attacks-exploit-critical.html", "content": "", "creation_timestamp": "2025-03-24T10:46:15.000000Z"}, {"uuid": "3888a3d4-46e5-4721-b2c0-cf13888c91dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114200093447980587", "content": "", "creation_timestamp": "2025-03-21T11:05:38.028091Z"}, {"uuid": "f2131647-caaa-4023-ac90-672d568ade5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lltjzk64ad2d", "content": "", "creation_timestamp": "2025-04-02T13:54:48.557239Z"}, {"uuid": "a8e42ba4-dd3f-4d75-8f9d-5923abb3d0db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3llvyrziglc2z", "content": "", "creation_timestamp": "2025-04-03T13:24:23.392725Z"}, {"uuid": "d2f81b7e-82cc-4e99-ae90-66c9f4927264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3llvyul523s2k", "content": "", "creation_timestamp": "2025-04-03T13:25:49.761127Z"}, {"uuid": "6243b780-3af6-4498-87d1-64d379645469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3llxxoqp6xc2p", "content": "", "creation_timestamp": "2025-04-04T08:09:56.881076Z"}, {"uuid": "adf209d4-8283-4360-b1d2-33d57639a712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llymty3lwk2x", "content": "", "creation_timestamp": "2025-04-04T14:28:41.291181Z"}, {"uuid": "d792f3d7-6b4f-4d70-a4cc-e2580c013649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llzmbptga22g", "content": "", "creation_timestamp": "2025-04-04T23:51:10.883490Z"}, {"uuid": "5b325019-994d-429d-9936-bc19cbd42e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fconj6f25", "content": "", "creation_timestamp": "2025-07-16T21:45:56.086835Z"}, {"uuid": "2f62cdf6-35ec-40c4-aa01-b920649c3a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fcylb4b26", "content": "", "creation_timestamp": "2025-07-16T21:46:07.101809Z"}, {"uuid": "d5397e69-05f5-4151-8693-38bbdb314d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://infosec.exchange/users/ntkramer/statuses/114865100482587912", "content": "", "creation_timestamp": "2025-07-16T21:46:49.267942Z"}, {"uuid": "508a7ebc-dc7d-4bb4-bb57-5eca34e0fdca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "578008b1-a0e2-4cf9-94aa-5af50eef149a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:14.000000Z"}, {"uuid": "2edfd5ad-b201-4665-9f7d-e6ed8b22edad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "213ce44f-32ed-4515-a5b8-db685e0c5efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "cdcf5d22-6646-40a1-8e27-b3d510b510d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-29)", "content": "", "creation_timestamp": "2025-09-29T00:00:00.000000Z"}, {"uuid": "122cb9af-0c40-4386-9672-3e38c3c89118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2e6557a1-424a-40e5-8a69-4fab338b8712", "content": "", "creation_timestamp": "2026-02-02T12:26:04.553196Z"}, {"uuid": "b7abba18-1932-4f6a-af71-9fe0adf3a101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2e6557a1-424a-40e5-8a69-4fab338b8712", "content": "", "creation_timestamp": "2026-02-02T12:26:04.553196Z"}, {"uuid": "9b1c1ebf-77a7-4929-bbd7-a3b448c02ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "4d0f0e61-3e3b-4338-bc4b-1e12af9e65f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/447", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T14:59:40.000000Z"}, {"uuid": "20bb98e1-5805-4ee9-a01f-85aad9e4b96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19661", "content": "The Hacker News\nCisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "29fe7270-1b32-4801-b83b-71a95641288f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "Telegram/YeFJlSGfWHsEEdrqRk9e4E7OqXSVyYlYTiWuD_Q8CJ1WRA", "content": "", "creation_timestamp": "2025-03-21T08:14:23.000000Z"}, {"uuid": "fd002ad6-69cc-46f0-acc5-e6214de0df9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/InfoSecInsider/194", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:43.000000Z"}, {"uuid": "79563870-f09b-4bd1-9782-87e43d0e87e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/information_security_channel/53268", "content": "Hackers Target Cisco Smart Licensing Utility Vulnerabilities\nhttps://www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/\n\nSANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.\nThe post Hackers Target Cisco Smart Licensing Utility Vulnerabilities (https://www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-03-20T12:50:22.000000Z"}, {"uuid": "6e6aeea1-aa05-4bb3-bdef-cc734fb4a018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/thehackernews/5522", "content": "Cisco has issued urgent updates for two critical flaws (CVSS 9.8) in its Smart Licensing Utility. These flaws (CVE-2024-20439 & CVE-2024-20440) let unauthenticated attackers elevate privileges or access sensitive data via crafted HTTP requests.\n\nRead: https://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html", "creation_timestamp": "2024-09-05T06:52:28.000000Z"}, {"uuid": "d8038ab3-c7e2-42ca-b0df-0539e864c7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/25683", "content": "\u26a1\ufe0fAnalysis of CVE-2024-20439 in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T12:12:38.000000Z"}, {"uuid": "a02750d6-5915-4126-9eab-1428a8a5bfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5083", "content": "Cisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u044f\u0432\u043d\u043e \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f.\n\n\u0412\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0432 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 Cisco Identity Services Engine (ISE) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c PoC.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442\u00a0\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u0445 CLI \u0432 ISE \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421 \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\nCVE-2024-20469 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Cisco, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u044d\u0442\u043e\u0433\u043e \u0435\u0449\u0435 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b.\n\n\u0412\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, Cisco \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440-\u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u00a0\u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 Smart Licensing Utility \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCSLU - \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0445 \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c\u0443 \u0440\u0435\u0448\u0435\u043d\u0438\u044e Cisco Smart Software Manager.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2024-20439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 API \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Cisco Smart Licensing Utility.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CLSU (CVE-2024-20440).\n\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 API), \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0415\u0441\u043b\u0438 \u0432\u0441\u0435 \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c (\u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430), \u0442\u043e \u0441\u0430\u0439\u0442 Cisco Merchandise Store \u043f\u043e \u043f\u0440\u043e\u0434\u0430\u0436\u0435 \u0442\u043e\u0432\u0430\u0440\u043e\u0432 \u0441 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0436\u0438\u043b \u0430\u0442\u0430\u043a\u0443 CosmicSting (CVE-2024-34102) \u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0418\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c \u0431\u044b\u043b \u0432\u0437\u043b\u043e\u043c\u0430\u043d \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u043a\u043e\u0434 JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0430\u043b \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u0438 \u0437\u0430\u043a\u0430\u0437\u0430. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u0437\u043b\u043e\u043c \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0432 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435.\n\n\u0421\u0430\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442.", "creation_timestamp": "2024-09-05T15:23:32.000000Z"}, {"uuid": "ef85ba6f-47ac-47a8-94df-b6614333c850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llozd7v6az2n", "content": "", "creation_timestamp": "2025-03-31T18:45:19.720319Z"}, {"uuid": "9e71edc1-3c2f-4145-bce2-e98bae29b2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3llpcgrjcm22q", "content": "", "creation_timestamp": "2025-03-31T21:28:24.483139Z"}, {"uuid": "bfef3998-4d77-4347-8cb8-6d0e1e68192e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll5m2fphmug2", "content": "", "creation_timestamp": "2025-03-24T20:34:21.433474Z"}, {"uuid": "ba0cc350-6ac9-428e-be07-816d903a3249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lkvkw2ye642d", "content": "", "creation_timestamp": "2025-03-21T15:50:53.157768Z"}, {"uuid": "82385f46-1b2d-4ff9-8f16-64dec8fd5dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lku34ezxdc27", "content": "", "creation_timestamp": "2025-03-21T01:35:25.724106Z"}, {"uuid": "c3f45f28-d1ab-400f-aa78-a5e7ef90be5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkx7het2i22x", "content": "", "creation_timestamp": "2025-03-22T07:31:08.224297Z"}, {"uuid": "c4dc41ea-51a7-4ff6-9bf5-2fe21ddd47e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html", "content": "", "creation_timestamp": "2025-03-21T04:09:00.000000Z"}, {"uuid": "6833f984-dbc3-4147-a370-73b50f6aef90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c24d9afd-a8d3a11e9e0ebfdf", "content": "", "creation_timestamp": "2025-03-21T08:02:16.305307Z"}, {"uuid": "6bad21e3-024d-4484-be26-57514d9a08be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6mugzlxzo2", "content": "", "creation_timestamp": "2025-03-25T06:19:56.354487Z"}, {"uuid": "67cdaf26-306d-4918-90f0-31a2d94cd2dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6thtozmcy2", "content": "", "creation_timestamp": "2025-03-25T08:18:11.773394Z"}, {"uuid": "122c3d77-e6f3-43c5-9b1d-89ae1c8ba155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llfypfe6bc2a", "content": "", "creation_timestamp": "2025-03-28T04:40:16.698082Z"}, {"uuid": "1ee10112-90ce-48ba-94bd-a6647705b8c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llrrgnjdsx2z", "content": "", "creation_timestamp": "2025-04-01T21:02:04.798153Z"}, {"uuid": "baa3fd0a-7029-4a29-9741-6fd5e7e91592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llwjzrcigx2d", "content": "", "creation_timestamp": "2025-04-03T18:32:54.504327Z"}, {"uuid": "cce353d3-dab3-493e-bf5e-099f3d22b8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://threatintel.cc/2025/04/03/attackers-are-leveraging-cisco-smart.html", "content": "", "creation_timestamp": "2025-04-03T15:22:33.000000Z"}, {"uuid": "ab823af4-7d70-4002-af19-0eedae9d5b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3llwztzftjc23", "content": "", "creation_timestamp": "2025-04-03T23:16:01.675694Z"}, {"uuid": "b419ca84-9e51-485e-ad64-2a6d18f74100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3llxct6cbu622", "content": "", "creation_timestamp": "2025-04-04T01:56:36.406963Z"}, {"uuid": "fc8c4d6f-768d-413f-83cb-254552b884a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lm47muesgk2x", "content": "", "creation_timestamp": "2025-04-06T00:42:45.020049Z"}, {"uuid": "79205b99-0570-4fe4-ba2f-875efa27d5b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"}, {"uuid": "39800e04-35fa-4d5d-92fd-98fcb46d0c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-25)", "content": "", "creation_timestamp": "2026-01-25T00:00:00.000000Z"}, {"uuid": "f6bce539-19a4-4010-8db8-693f517b7af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-26)", "content": "", "creation_timestamp": "2026-01-26T00:00:00.000000Z"}, {"uuid": "590e9baa-b2fe-40e0-8617-e26826896d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "69854c60-60dc-41e1-9d66-5be9238411a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "10c1443e-5219-4ade-baef-a456d55fcb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "bfb894bc-f14d-4900-bc51-bfaa93f50366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "e570f948-e577-48a9-b0ba-ae3d21621d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://vulnerability.circl.lu/comment/daf228ff-bf18-462b-8d03-acbd9cf60965", "content": "", "creation_timestamp": "2024-09-21T07:26:37.729241Z"}, {"uuid": "c6b8f820-81cb-48f3-ac11-f857e65d7cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/e49e5ff3-cc60-4b0f-b772-473ad67c3c8c", "content": "", "creation_timestamp": "2024-09-05T09:27:20.424936Z"}, {"uuid": "b7eb3b23-b117-401e-93f4-7f4390ac8819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "bc914117-92d5-4b97-9f87-aefd4a7b5d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/5563", "content": "\u200b\u26a1\ufe0fCSLU \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439: \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Cisco\n\n\ud83d\udcac \u0412 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 Cisco Smart Licensing Utility (CSLU) \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043f\u0435\u0440\u0432\u044b\u0435 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0443\u044e \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-20439 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0435\u0449\u0451 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b CSLU.\n\nCSLU \u2014 \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 Cisco \u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c Smart Software Manager. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0436\u0451\u0441\u0442\u043a\u043e \u0437\u0430\u0448\u0438\u0442\u044b\u0435 \u0432 \u043a\u043e\u0434 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API CSLU \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0449\u0451 \u043e\u0434\u043d\u0443 \u043e\u0448\u0438\u0431\u043a\u0443 \u2014 CVE-2024-20440 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.5), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043b\u043e\u0433\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0440\u043e\u0434\u0435 API-\u043a\u043b\u044e\u0447\u0435\u0439, \u043f\u0443\u0442\u0451\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u0440\u0443\u0447\u043d\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435 CSLU, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u2014\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 Aruba \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c \u043e\u0442 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u042d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u043b\u0435\u0433\u0447\u0438\u043b\u043e \u0437\u0430\u0434\u0430\u0447\u0443 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c.\n\n\u0418\u043d\u0441\u0442\u0438\u0442\u0443\u0442 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 SANS \u0441\u043e\u043e\u0431\u0449\u0438\u043b, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b CSLU. \u0425\u043e\u0442\u044f \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e \u043d\u0435 \u0431\u044b\u043b\u043e, \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0430\u0440\u043e\u043b\u044f\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u043b\u0438 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Cisco.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Guangzhou Yingke Electronic, \u0433\u0434\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2024-0305 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.5). \u042d\u0442\u043e \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u0430\u0442\u0430\u043a, Cisco \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0451 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044f\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b (PSIRT) \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-23T18:17:07.000000Z"}, {"uuid": "9bc61a35-4cb7-42dd-b609-1b05e1b73d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1340", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T13:30:44.000000Z"}, {"uuid": "4ac3860f-0ac8-4702-b31d-5fcb55bf1139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/CyberBulletin/2742", "content": "\u26a1Hardcoded admin logins. Leaky debug logs. Cisco Smart Licensing Utility is under fire.\n\nHackers are actively exploiting CVE-2024-20439 & CVE-2024-20440\u2014both rated 9.8.\n\nAccess to admin creds & APIs is on the line.\n\n#CyberBulletin", "creation_timestamp": "2025-03-21T13:29:30.000000Z"}, {"uuid": "f9113155-10ae-47e3-bf6d-61509d7f4050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/cvedetector/4823", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20439 - Cisco Smart Licensing Utility Static Credential Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-20439 \nPublished : Sept. 4, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.  \n  \nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T20:15:49.000000Z"}]}