{"vulnerability": "cve-2024-2043", "sightings": [{"uuid": "39800e04-35fa-4d5d-92fd-98fcb46d0c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-25)", "content": "", "creation_timestamp": "2026-01-25T00:00:00.000000Z"}, {"uuid": "f6bce539-19a4-4010-8db8-693f517b7af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-26)", "content": "", "creation_timestamp": "2026-01-26T00:00:00.000000Z"}, {"uuid": "122cb9af-0c40-4386-9672-3e38c3c89118", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2e6557a1-424a-40e5-8a69-4fab338b8712", "content": "", "creation_timestamp": "2026-02-02T12:26:04.553196Z"}, {"uuid": "e570f948-e577-48a9-b0ba-ae3d21621d34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://vulnerability.circl.lu/comment/daf228ff-bf18-462b-8d03-acbd9cf60965", "content": "", "creation_timestamp": "2024-09-21T07:26:37.729241Z"}, {"uuid": "c6b8f820-81cb-48f3-ac11-f857e65d7cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/e49e5ff3-cc60-4b0f-b772-473ad67c3c8c", "content": "", "creation_timestamp": "2024-09-05T09:27:20.424936Z"}, {"uuid": "b7abba18-1932-4f6a-af71-9fe0adf3a101", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2e6557a1-424a-40e5-8a69-4fab338b8712", "content": "", "creation_timestamp": "2026-02-02T12:26:04.553196Z"}, {"uuid": "9b1c1ebf-77a7-4929-bbd7-a3b448c02ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-21)", "content": "", "creation_timestamp": "2026-04-21T00:00:00.000000Z"}, {"uuid": "f1bb4d07-dc18-4f91-a908-200aac8c19f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20435", "type": "seen", "source": "https://t.me/kasperskyb2b/1343", "content": "\ud83d\udd25 10 CVE \u043e\u0442 Cisco, \u043e\u0434\u043d\u0430 \u0441 CVSS 10\n\nCisco Patch Wednesday \u043f\u0440\u043e\u0448\u0451\u043b \u0441 \u043e\u0433\u043e\u043d\u044c\u043a\u043e\u043c \u2014 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u0425\u0435\u0434\u043b\u0430\u0439\u043d\u0435\u0440\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u0435\u043c CVE-2024-20401 \u0441 CVSS 9.8, \u044d\u0442\u043e \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 Secure Email Gateway, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0449\u0438\u0439 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439, \u043f\u0440\u0438\u0441\u043b\u0430\u0432\u0448\u0438\u0439 \u043f\u0438\u0441\u044c\u043c\u043e \u0441\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f root-\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043c\u0435\u043d\u044f\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u0448\u043b\u044e\u0437\u0435 \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043a\u043e\u043d\u0442\u0435\u043d\u0442-\u0444\u0438\u043b\u044c\u0442\u0440 \u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440 \u0444\u0430\u0439\u043b\u043e\u0432, \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0439\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e Cisco Advanced Malware Protection. \ud83e\udd2a\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043d\u0435 \u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043e, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0431\u044b\u043b\u043e \u2014 \u043f\u043e\u043a\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 10 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 Smart Software Manager On-Prem, \u043c\u043e\u0434\u0443\u043b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Cisco.  CVE-2024-20419 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0437\u0430\u0439\u0442\u0438 \u0432 web UI \u0438\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f API \u0441 \u0435\u0433\u043e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u0438, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u0438\u0440\u043e\u0434\u0443 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442. \u0413\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438-\u0441\u0435\u0442\u0435\u0432\u0438\u043a\u0438 \u2014 \u044d\u0442\u043e DoS \u043f\u0443\u0442\u0451\u043c \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0439, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f BlastRADIUS (CVE-2024-3596), \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Secure Web Appliance (CVE-2024-20435) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 Identity Services Engine (CVE-2024-20296).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Cisco @\u041f2\u0422", "creation_timestamp": "2024-07-18T11:16:31.000000Z"}, {"uuid": "4a4fbd5c-63c9-4d6d-ad5f-529b9497c305", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20430", "type": "seen", "source": "https://t.me/cvedetector/5525", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20430 - Cisco Meraki Systems Manager (SM) Agent for Windows Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-20430 \nPublished : Sept. 12, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : A vulnerability in Cisco Meraki Systems Manager (SM) Agent for Windows could allow an authenticated, local attacker to execute arbitrary code with elevated privileges.\u00a0  \n  \nThis vulnerability is due to incorrect handling of directory search paths at runtime. A low-privileged attacker could exploit this vulnerability by placing both malicious configuration files and malicious DLL files on an affected system, which would read and execute the files when Cisco Meraki SM launches on startup. A successful exploit could allow the attacker to execute arbitrary code on the affected system with SYSTEM privileges. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T22:43:49.000000Z"}, {"uuid": "e16365d4-ecad-4bca-a4b5-5f759616ccea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4491", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T13:30:44.000000Z"}, {"uuid": "29fe7270-1b32-4801-b83b-71a95641288f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "Telegram/YeFJlSGfWHsEEdrqRk9e4E7OqXSVyYlYTiWuD_Q8CJ1WRA", "content": "", "creation_timestamp": "2025-03-21T08:14:23.000000Z"}, {"uuid": "a80cadfd-5433-4d70-acc4-73131fcc7cbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3959", "content": "The Hacker News\nCisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "4715edf7-fae8-42ee-8163-05c80fcd91cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/InfoSecInsider/23673", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:33.000000Z"}, {"uuid": "962f5ff4-ae56-4520-adb8-e645b1370d1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20435", "type": "seen", "source": "https://t.me/MrVGunz/1251", "content": "\ud83d\udccd \u062e\u0644\u0627\u0635\u0647 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2024-20435\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u062d\u0631\u0627\u0646\u06cc CVE-2024-20435 \u062f\u0631 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 (#CLI) \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 #Cisco AsyncOS \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc \u0648\u0628 (#Secure Web Appliance) \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0647 #\u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0645\u062d\u0644\u06cc \u0628\u0627 #\u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0639\u062a\u0628\u0631 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0627\u062c\u0631\u0627 \u06a9\u0631\u062f\u0647 \u0648 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u062e\u0648\u062f \u0631\u0627 \u0628\u0647 \u0628\u0627\u0644\u0627\u062a\u0631\u06cc\u0646 \u0633\u0637\u062d (#root) \u0627\u0631\u062a\u0642\u0627 \u062f\u0647\u0646\u062f.\n\n\u0631\u06cc\u0634\u0647 \u0645\u0634\u06a9\u0644:\n\u0636\u0639\u0641 \u0627\u0635\u0644\u06cc \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0639\u062f\u0645 \u0627\u0639\u062a\u0628\u0627\u0631\u0633\u0646\u062c\u06cc \u06a9\u0627\u0641\u06cc \u0648\u0631\u0648\u062f\u06cc\u200c\u0647\u0627\u06cc \u06a9\u0627\u0631\u0628\u0631 \u062f\u0631 \u062e\u0637 \u0641\u0631\u0645\u0627\u0646 \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0627\u0645\u0631 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645\u0627\u0646 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0648\u0627\u0631\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0648\u0631 \u062e\u0627\u0635\u06cc\u060c \u0627\u0632 \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u0646\u062f.\n\n\u0634\u0631\u0627\u06cc\u0637 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc:\n\u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0645\u0648\u0641\u0642 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u060c \u0645\u0647\u0627\u062c\u0645 \u062a\u0646\u0647\u0627 \u0628\u0647 \u06cc\u06a9 \u062d\u0633\u0627\u0628 \u06a9\u0627\u0631\u0628\u0631\u06cc \u0628\u0627 \u062d\u062f\u0627\u0642\u0644 \u0633\u0637\u062d \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0647\u0645\u0627\u0646 \u0646\u06cc\u0627\u0632 \u062f\u0627\u0631\u062f.\n\n\u062a\u0627\u062b\u06cc\u0631:\n\u0645\u0648\u0641\u0642\u06cc\u062a \u062f\u0631 \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0645\u0646\u062c\u0631 \u0628\u0647 #\u06a9\u0646\u062a\u0631\u0644 \u06a9\u0627\u0645\u0644 \u062f\u0633\u062a\u06af\u0627\u0647 \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645 \u0634\u0648\u062f\u060c \u0627\u0632 \u062c\u0645\u0644\u0647:\n- \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f \u062f\u0644\u062e\u0648\u0627\u0647\n- \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062a\u0645\u0627\u0645 \u062f\u0627\u062f\u0647\u200c\u0647\u0627\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\n- \u0627\u062e\u062a\u0644\u0627\u0644 \u062f\u0631 \u0633\u0631\u0648\u06cc\u0633\u200c\u062f\u0647\u06cc \u062f\u0633\u062a\u06af\u0627\u0647\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u0641\u0646\u06cc:\n- \u062a\u0627\u0631\u06cc\u062e \u0627\u0646\u062a\u0634\u0627\u0631: \u06f1\u06f7 \u062c\u0648\u0644\u0627\u06cc \u06f2\u06f0\u06f2\u06f4\n- \u0646\u0645\u0631\u0647 CVSS: 8.8 (#\u0628\u062d\u0631\u0627\u0646\u06cc)\n- \u0627\u062c\u0631\u0627\u06cc \u063a\u06cc\u0631\u0636\u0631\u0648\u0631\u06cc \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632\u0627\u062a \u0628\u06cc\u0634 \u0627\u0632 \u062d\u062f \u0644\u0627\u0632\u0645 CWE: CWE-250\n\n\u062a\u0648\u0635\u06cc\u0647\u200c\u0647\u0627\u06cc \u0627\u0645\u0646\u06cc\u062a\u06cc:\n\u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc Cisco AsyncOS \u0628\u0627\u06cc\u062f \u0647\u0631 \u0686\u0647 \u0633\u0631\u06cc\u0639\u200c\u062a\u0631 #\u0648\u0635\u0644\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0627\u0631\u0627\u0626\u0647 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 Cisco \u0631\u0627 \u0646\u0635\u0628 \u06a9\u0646\u0646\u062f \u062a\u0627 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u062d\u0627\u0641\u0638\u062a \u0646\u0645\u0627\u06cc\u0646\u062f. \u0647\u0645\u0686\u0646\u06cc\u0646\u060c \u0628\u0631\u0631\u0633\u06cc \u0645\u0646\u0638\u0645 \u0633\u06cc\u0633\u062a\u0645 \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc \u0648 \u0631\u0641\u0639 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0627\u062d\u062a\u0645\u0627\u0644\u06cc \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\ud83d\udd17 \u062c\u0647\u062a \u0645\u0637\u0627\u0644\u0639\u0647 \u0627\u062f\u0627\u0645\u0647 \u0645\u0642\u0627\u0644\u0647 \u0628\u0647 \u0627\u06cc\u0646 \u0633\u0627\u06cc\u062a \u0645\u0631\u0627\u062c\u0639\u0647 \u06a9\u0646\u06cc\u062f:\n\n\ud83c\udf10 https://www.cvedetails.com/cve/CVE-2024-20435/\n\n\ud83d\udccd Summary of CVE-2024-20435 Vulnerability\n\nA critical vulnerability, identified as CVE-2024-20435, has been discovered in the Command Line Interface (#CLI) of the Cisco AsyncOS operating system for Secure Web Appliance devices (#Secure Web Appliance). This vulnerability allows local attackers with valid credentials to execute arbitrary commands and escalate their privileges to the highest level (#root).\n\nRoot Cause:\nThe primary weakness of this vulnerability is the insufficient validation of user inputs in the command line. This flaw enables attackers to exploit it by entering specific commands.\n\nExploitation Conditions:\nTo successfully exploit this vulnerability, an attacker only needs a user account with minimal guest-level access.\n\nImpact:\nSuccessful exploitation of this vulnerability can lead to full control of the device by the attacker, including:\n- Execution of arbitrary code\n- Access to all device data\n- Disruption of device services\n\nTechnical Details:\n- Release Date: July 17, 2024\n- CVSS Score: 8.8 (#Critical)\n- CWE: CWE-250, Unnecessary Privileges\n\nSecurity Recommendations:\nUsers of Cisco AsyncOS devices should promptly install the security patch provided by Cisco to protect against this vulnerability. Regular system checks to identify and mitigate potential vulnerabilities are also recommended.\n\n\ud83d\udd17 To read the full article, visit this site:\n\n\ud83c\udf10 https://www.cvedetails.com/cve/CVE-2024-20435/", "creation_timestamp": "2024-08-11T18:11:49.000000Z"}, {"uuid": "b3eace8f-2fe1-4ff3-bab0-04c5b60a4c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/true_secator/6864", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 SANS \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Cisco Smart Licensing Utility, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u043a\u0430\u043a CVE-2024-20439 \u0438 CVE-2024-20440.\u00a0\n\nSmart Licensing Utility \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 Cisco \u0432  \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0412\u043f\u0435\u0440\u0432\u044b\u0435 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0430\u0445 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0441 \u043d\u0430\u0447\u0430\u043b\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430, \u0442\u043e\u0433\u0434\u0430 \u0436\u0435 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043a\u0430\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441\u043e\u0431\u0438\u0440\u0430\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u0438\u043b\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u0441\u043b\u0443\u0436\u0431\u0430\u043c\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435, \u0433\u0434\u0435 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u043e \u041f\u041e.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f CVE-2024-20439 \u0431\u044b\u043b\u0438 \u043e\u043f\u0443\u0431\u043b\u0438\u0447\u0435\u043d\u044b \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c \u0441\u043f\u0443\u0441\u0442\u044f \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u0440\u043e\u0432\u0435\u043b\u0438 \u043e\u0431\u0440\u0430\u0442\u043d\u0443\u044e \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0443 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 Cisco.\n\n\u0412 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 SANS \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043f\u0435\u0440\u0432\u044b\u0445 \u0441\u043b\u0443\u0447\u0430\u044f\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0435\u0439 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e CVE-2024-20439 - \u044d\u0442\u043e \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0431\u044d\u043a\u0434\u043e\u0440, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u041f\u041e \u0447\u0435\u0440\u0435\u0437 \u0436\u0435\u0441\u0442\u043a\u043e \u0437\u0430\u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, CVE-2024-20440 \u0441\u0432\u044f\u0437\u0430\u043d \u0441 \u0444\u0430\u0439\u043b\u043e\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u0430, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u00ab\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0438\u0440\u0443\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435, \u0447\u0435\u043c \u0434\u043e\u043b\u0436\u0435\u043d\u00bb, \u0430 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043d\u0435\u043c\u0443 \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u0441\u043b\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043f\u0435\u0440\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0412 \u0430\u0442\u0430\u043a\u0430\u0445, \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u043f\u043e\u043c\u043e\u0449\u0438 SANS Honeypots, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u043c Cisco Smart Licensing Utility.\n\n\u041d\u0435\u044f\u0441\u043d\u043e, \u0447\u0442\u043e \u043a\u0430\u043a\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0446\u0435\u043b\u044c \u043f\u0440\u0435\u0441\u043b\u0435\u0434\u0443\u044e\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043d\u043e \u0432 SANS \u043e\u0442\u043c\u0435\u0447\u0430\u044e\u0442, \u0447\u0442\u043e \u0442\u043e\u0442 \u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u043f\u044b\u0442\u0430\u0435\u0442\u0441\u044f \u0432\u0437\u043b\u043e\u043c\u0430\u0442\u044c \u0438 \u0434\u0440\u0443\u0433\u0438\u0435 \u0442\u0438\u043f\u044b \u0441\u0438\u0441\u0442\u0435\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439.\n\n\u0412 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u0445 Cisco\u00a0\u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c CVE-2024-20439 \u0438 CVE-2024-20440 \u0443\u043a\u0430\u0437\u0430\u043d\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u0430 \u0438\u0445 \u0444\u0430\u043a\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442\u0441\u044f.\n\n\u041f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u0442\u0435\u043b\u044c Cisco \u0432 \u043e\u0442\u0432\u0435\u0442 \u043d\u0430 \u044d\u0442\u043e \u0441\u0441\u044b\u043b\u0430\u0435\u0442\u0441\u044f \u043d\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435 \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u043f\u043e\u0441\u0442\u0443\u043f\u0438\u0432\u0448\u0438\u0445 \u0432 \u0430\u0434\u0440\u0435\u0441 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0439 \u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044f \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.", "creation_timestamp": "2025-03-21T12:50:04.000000Z"}, {"uuid": "3bdce62b-ae76-4acd-aa7d-0ad3c79002eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/ctinow/232538", "content": "Exploit Attempts for Cisco Smart Licensing Utility CVE-2024-20439 and CVE-2024-20440, (Wed, Mar 19th)\nhttps://ift.tt/5VlTcb3", "creation_timestamp": "2025-03-19T16:29:20.000000Z"}, {"uuid": "79563870-f09b-4bd1-9782-87e43d0e87e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/information_security_channel/53268", "content": "Hackers Target Cisco Smart Licensing Utility Vulnerabilities\nhttps://www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/\n\nSANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.\nThe post Hackers Target Cisco Smart Licensing Utility Vulnerabilities (https://www.securityweek.com/hackers-target-cisco-smart-licensing-utility-vulnerabilities/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2025-03-20T12:50:22.000000Z"}, {"uuid": "6e6aeea1-aa05-4bb3-bdef-cc734fb4a018", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/thehackernews/5522", "content": "Cisco has issued urgent updates for two critical flaws (CVSS 9.8) in its Smart Licensing Utility. These flaws (CVE-2024-20439 & CVE-2024-20440) let unauthenticated attackers elevate privileges or access sensitive data via crafted HTTP requests.\n\nRead: https://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html", "creation_timestamp": "2024-09-05T06:52:28.000000Z"}, {"uuid": "d8038ab3-c7e2-42ca-b0df-0539e864c7e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/25683", "content": "\u26a1\ufe0fAnalysis of CVE-2024-20439 in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T12:12:38.000000Z"}, {"uuid": "a02750d6-5915-4126-9eab-1428a8a5bfd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5083", "content": "Cisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u044f\u0432\u043d\u043e \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f.\n\n\u0412\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0432 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 Cisco Identity Services Engine (ISE) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c PoC.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442\u00a0\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u0445 CLI \u0432 ISE \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421 \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\nCVE-2024-20469 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Cisco, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u044d\u0442\u043e\u0433\u043e \u0435\u0449\u0435 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b.\n\n\u0412\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, Cisco \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440-\u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u00a0\u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 Smart Licensing Utility \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCSLU - \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0445 \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c\u0443 \u0440\u0435\u0448\u0435\u043d\u0438\u044e Cisco Smart Software Manager.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2024-20439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 API \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Cisco Smart Licensing Utility.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CLSU (CVE-2024-20440).\n\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 API), \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0415\u0441\u043b\u0438 \u0432\u0441\u0435 \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c (\u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430), \u0442\u043e \u0441\u0430\u0439\u0442 Cisco Merchandise Store \u043f\u043e \u043f\u0440\u043e\u0434\u0430\u0436\u0435 \u0442\u043e\u0432\u0430\u0440\u043e\u0432 \u0441 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0436\u0438\u043b \u0430\u0442\u0430\u043a\u0443 CosmicSting (CVE-2024-34102) \u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0418\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c \u0431\u044b\u043b \u0432\u0437\u043b\u043e\u043c\u0430\u043d \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u043a\u043e\u0434 JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0430\u043b \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u0438 \u0437\u0430\u043a\u0430\u0437\u0430. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u0437\u043b\u043e\u043c \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0432 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435.\n\n\u0421\u0430\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442.", "creation_timestamp": "2024-09-05T15:23:32.000000Z"}, {"uuid": "189d4f3f-565f-48f2-8127-ceca9f62f1e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-10-18T12:36:14.810430Z"}, {"uuid": "ef85ba6f-47ac-47a8-94df-b6614333c850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llozd7v6az2n", "content": "", "creation_timestamp": "2025-03-31T18:45:19.720319Z"}, {"uuid": "0d808377-211a-4153-8a0f-0e65769bdcf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3llp4rrjr4h2e", "content": "", "creation_timestamp": "2025-03-31T19:47:09.820080Z"}, {"uuid": "9e71edc1-3c2f-4145-bce2-e98bae29b2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/bleepingcomputer.com/post/3llpcgrjcm22q", "content": "", "creation_timestamp": "2025-03-31T21:28:24.483139Z"}, {"uuid": "702202b4-e000-4382-8e5c-3d9fc4000ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3694506", "content": "", "creation_timestamp": "2025-03-31T22:13:05.776380Z"}, {"uuid": "fcd48745-df59-439f-83e1-2408ccd6da72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3694506", "content": "", "creation_timestamp": "2025-03-31T22:13:05.794558Z"}, {"uuid": "82385f46-1b2d-4ff9-8f16-64dec8fd5dc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lku34ezxdc27", "content": "", "creation_timestamp": "2025-03-21T01:35:25.724106Z"}, {"uuid": "2faa1922-b7b0-4087-b2ee-9a5f615dcb44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/r-blueteamsec.bsky.social/post/3ll4vsryny52t", "content": "", "creation_timestamp": "2025-03-24T13:54:31.820586Z"}, {"uuid": "f6df6d6d-0ec0-4a53-bc99-ddc48bf08f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/sansisc.bsky.social/post/3lkqc7obl6t2k", "content": "", "creation_timestamp": "2025-03-19T13:31:52.632604Z"}, {"uuid": "63b6b753-d791-4c0c-9c5c-f11ad04180db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6qzvgzsmi2", "content": "", "creation_timestamp": "2025-03-25T07:35:18.089999Z"}, {"uuid": "5d453fb5-d8a2-4c18-b989-5e28f2388243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkslt3vgm22x", "content": "", "creation_timestamp": "2025-03-20T11:29:07.418647Z"}, {"uuid": "40b60985-e8af-4e5f-8bf3-5b0fd9f61c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://threatintel.cc/2025/03/24/ongoing-cyber-attacks-exploit-critical.html", "content": "", "creation_timestamp": "2025-03-24T10:46:15.000000Z"}, {"uuid": "3888a3d4-46e5-4721-b2c0-cf13888c91dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/114200093447980587", "content": "", "creation_timestamp": "2025-03-21T11:05:38.028091Z"}, {"uuid": "122c3d77-e6f3-43c5-9b1d-89ae1c8ba155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llfypfe6bc2a", "content": "", "creation_timestamp": "2025-03-28T04:40:16.698082Z"}, {"uuid": "f2131647-caaa-4023-ac90-672d568ade5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lltjzk64ad2d", "content": "", "creation_timestamp": "2025-04-02T13:54:48.557239Z"}, {"uuid": "a8e42ba4-dd3f-4d75-8f9d-5923abb3d0db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3llvyrziglc2z", "content": "", "creation_timestamp": "2025-04-03T13:24:23.392725Z"}, {"uuid": "d2f81b7e-82cc-4e99-ae90-66c9f4927264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3llvyul523s2k", "content": "", "creation_timestamp": "2025-04-03T13:25:49.761127Z"}, {"uuid": "b419ca84-9e51-485e-ad64-2a6d18f74100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3llxct6cbu622", "content": "", "creation_timestamp": "2025-04-04T01:56:36.406963Z"}, {"uuid": "6243b780-3af6-4498-87d1-64d379645469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3llxxoqp6xc2p", "content": "", "creation_timestamp": "2025-04-04T08:09:56.881076Z"}, {"uuid": "adf209d4-8283-4360-b1d2-33d57639a712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3llymty3lwk2x", "content": "", "creation_timestamp": "2025-04-04T14:28:41.291181Z"}, {"uuid": "d792f3d7-6b4f-4d70-a4cc-e2580c013649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llzmbptga22g", "content": "", "creation_timestamp": "2025-04-04T23:51:10.883490Z"}, {"uuid": "5b325019-994d-429d-9936-bc19cbd42e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fconj6f25", "content": "", "creation_timestamp": "2025-07-16T21:45:56.086835Z"}, {"uuid": "2f62cdf6-35ec-40c4-aa01-b920649c3a10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/ntkramer.bsky.social/post/3lu4fcylb4b26", "content": "", "creation_timestamp": "2025-07-16T21:46:07.101809Z"}, {"uuid": "d5397e69-05f5-4151-8693-38bbdb314d7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://infosec.exchange/users/ntkramer/statuses/114865100482587912", "content": "", "creation_timestamp": "2025-07-16T21:46:49.267942Z"}, {"uuid": "4c517d1e-191d-4ece-9732-8f227ea49e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-08-10T18:27:44.000000Z"}, {"uuid": "2edfd5ad-b201-4665-9f7d-e6ed8b22edad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "56edd2ff-292b-42e1-93ad-a9d54811dd4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-14)", "content": "", "creation_timestamp": "2025-10-14T00:00:00.000000Z"}, {"uuid": "213ce44f-32ed-4515-a5b8-db685e0c5efa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-22)", "content": "", "creation_timestamp": "2025-09-22T00:00:00.000000Z"}, {"uuid": "cdcf5d22-6646-40a1-8e27-b3d510b510d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-29)", "content": "", "creation_timestamp": "2025-09-29T00:00:00.000000Z"}, {"uuid": "c4d4442e-6f97-4ef0-bb2c-19215fbeccc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "b72281d9-72ba-4c84-b108-7d25f2d77e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "c7db5ac4-d7cf-4933-ba50-5b53a554a8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "e5c9ead0-1604-4869-9d6b-d09051c1a500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "b7eb3b23-b117-401e-93f4-7f4390ac8819", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-22)", "content": "", "creation_timestamp": "2026-04-22T00:00:00.000000Z"}, {"uuid": "4f4edf4f-5758-4038-96d5-750665bc1d85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/14184", "content": "\u200aResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility\n\nhttps://securityonline.info/researcher-details-cve-2024-20439-cvss-9-8-flaw-in-cisco-smart-licensing-utility/", "creation_timestamp": "2024-09-24T10:52:18.000000Z"}, {"uuid": "4d0f0e61-3e3b-4338-bc4b-1e12af9e65f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/447", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T14:59:40.000000Z"}, {"uuid": "bc914117-92d5-4b97-9f87-aefd4a7b5d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/itsec_news/5563", "content": "\u200b\u26a1\ufe0fCSLU \u043f\u043e\u0434 \u0430\u0442\u0430\u043a\u043e\u0439: \u0445\u0430\u043a\u0435\u0440\u044b \u043c\u0430\u0441\u0441\u043e\u0432\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 Cisco\n\n\ud83d\udcac \u0412 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 Cisco Smart Licensing Utility (CSLU) \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u043f\u0435\u0440\u0432\u044b\u0435 \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u043e\u0439\u0442\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0447\u0435\u0440\u0435\u0437 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u0443\u044e \u0443\u0447\u0451\u0442\u043d\u0443\u044e \u0437\u0430\u043f\u0438\u0441\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2024-20439 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 9.8) \u0438 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0435\u0449\u0451 \u0432 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u0435 2024 \u0433\u043e\u0434\u0430, \u043e\u0434\u043d\u0430\u043a\u043e \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u043d\u0435\u0437\u0430\u0449\u0438\u0449\u0451\u043d\u043d\u044b\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b CSLU.\n\nCSLU \u2014 \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 Cisco \u043d\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u044b\u0432\u0430\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u043c \u0441\u0435\u0440\u0432\u0438\u0441\u043e\u043c Smart Software Manager. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0436\u0451\u0441\u0442\u043a\u043e \u0437\u0430\u0448\u0438\u0442\u044b\u0435 \u0432 \u043a\u043e\u0434 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0434\u043b\u044f \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0439 \u0434\u043e\u0441\u0442\u0443\u043f \u043a API CSLU \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0441\u0443\u043f\u0435\u0440\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0435\u0449\u0451 \u043e\u0434\u043d\u0443 \u043e\u0448\u0438\u0431\u043a\u0443 \u2014 CVE-2024-20440 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.5), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u043b\u043e\u0433\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0445 \u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0440\u043e\u0434\u0435 API-\u043a\u043b\u044e\u0447\u0435\u0439, \u043f\u0443\u0442\u0451\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043a\u0438 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438. \u041e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u043a\u0442\u0438\u0432\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u0440\u0443\u0447\u043d\u043e\u043c \u0437\u0430\u043f\u0443\u0441\u043a\u0435 CSLU, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 \u043d\u0435 \u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442 \u0432 \u0444\u043e\u043d\u043e\u0432\u043e\u043c \u0440\u0435\u0436\u0438\u043c\u0435 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e.\n\n\u041f\u0435\u0440\u0432\u044b\u0435 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u044f\u0432\u0438\u043b\u0438\u0441\u044c \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u2014\u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442 Aruba \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043f\u0430\u0440\u043e\u043b\u044c \u043e\u0442 \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0439 \u0443\u0447\u0451\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430. \u042d\u0442\u043e \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043e\u0431\u043b\u0435\u0433\u0447\u0438\u043b\u043e \u0437\u0430\u0434\u0430\u0447\u0443 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c.\n\n\u0418\u043d\u0441\u0442\u0438\u0442\u0443\u0442 \u0442\u0435\u0445\u043d\u043e\u043b\u043e\u0433\u0438\u0439 SANS \u0441\u043e\u043e\u0431\u0449\u0438\u043b, \u0447\u0442\u043e \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0431\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0435 \u0430\u0442\u0430\u043a \u043d\u0430 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0435 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b CSLU. \u0425\u043e\u0442\u044f \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043e \u043d\u0435 \u0431\u044b\u043b\u043e, \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u044f \u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043f\u0430\u0440\u043e\u043b\u044f\u043c \u043f\u043e\u0432\u044b\u0441\u0438\u043b\u0438 \u043f\u0440\u0438\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u043b\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0444\u0438\u043a\u0441\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438, \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Cisco.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442\u0441\u044f \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u0432 \u0447\u0430\u0441\u0442\u043d\u043e\u0441\u0442\u0438 \u0446\u0438\u0444\u0440\u043e\u0432\u044b\u0435 \u0432\u0438\u0434\u0435\u043e\u0440\u0435\u0433\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Guangzhou Yingke Electronic, \u0433\u0434\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 CVE-2024-0305 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 7.5). \u042d\u0442\u043e \u0433\u043e\u0432\u043e\u0440\u0438\u0442 \u043e \u0448\u0438\u0440\u043e\u043a\u043e\u0439 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e \u043f\u043e\u0438\u0441\u043a\u0443 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u044e\u0449\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e \u043e \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u0430\u0442\u0430\u043a, Cisco \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0451 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u044f\u044f \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u044b (PSIRT) \u043d\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u043e\u0432 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-03-23T18:17:07.000000Z"}, {"uuid": "9efcca64-e703-4047-b0b2-a68c59ae143e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20431", "type": "seen", "source": "https://t.me/cvedetector/8756", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20431 - \"Cisco FTD Software Geolocation Access Control Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-20431 \nPublished : Oct. 23, 2024, 6:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy.  \n  \n This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device. A successful exploit could allow the attacker to bypass a geolocation-based access control policy and successfully send traffic to a protected device. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T20:45:13.000000Z"}, {"uuid": "bd3613e6-f32b-4df2-b022-414113845fe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20436", "type": "seen", "source": "https://t.me/cvedetector/6347", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20436 - \"Cisco IOS XE Telephony Service HTTP Server DoS Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20436 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the HTTP Server feature of Cisco IOS XE Software when the Telephony Service feature is enabled could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.  \n  \n This vulnerability is due to a null pointer dereference when accessing specific URLs. An attacker could exploit this vulnerability by sending crafted HTTP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, causing a DoS condition on the affected device. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:20.000000Z"}, {"uuid": "dc3fc951-18f6-48df-9d08-a79444e34c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20434", "type": "seen", "source": "https://t.me/cvedetector/6346", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20434 - \"Cisco IOS XE Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20434 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device.  \n  \n This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:19.000000Z"}, {"uuid": "7284288b-2434-43af-9b92-da5d711fbd18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://t.me/cvedetector/6352", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20433 - Cisco RSVP Buffer Overflow DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20433 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the Resource Reservation Protocol (RSVP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.  \n  \n This vulnerability is due to a buffer overflow when processing crafted RSVP packets. An attacker could exploit this vulnerability by sending RSVP traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:28.000000Z"}, {"uuid": "b8074e1c-8703-49e5-bbc1-942b8e2ed48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20437", "type": "seen", "source": "https://t.me/cvedetector/6348", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20437 - \"Cisco IOS XE CSRF Enabled Command Execution\"\", \n  \"Content\": \"CVE ID : CVE-2024-20437 \nPublished : Sept. 25, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a cross-site request forgery (CSRF) attack and execute commands on the CLI of an affected device.  \n  \n This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on the affected device with the privileges of the targeted user. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T20:13:21.000000Z"}, {"uuid": "9bc61a35-4cb7-42dd-b609-1b05e1b73d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1340", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T13:30:44.000000Z"}, {"uuid": "f9113155-10ae-47e3-bf6d-61509d7f4050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/cvedetector/4823", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20439 - Cisco Smart Licensing Utility Static Credential Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-20439 \nPublished : Sept. 4, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.  \n  \nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T20:15:49.000000Z"}, {"uuid": "7ad6c5d8-9d18-4ecf-8815-42403ed23931", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/817", "content": "\u26a1\ufe0fAnalysis of CVE-2024-20439 in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T11:30:54.000000Z"}, {"uuid": "9d8a7e86-165e-4bd0-99ca-13c2f62a8540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/551", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-05T07:07:50.000000Z"}, {"uuid": "bf3302d5-fb63-4e6e-be69-e86c9423e997", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20435", "type": "seen", "source": "https://t.me/cvedetector/1101", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20435 - Cisco AsyncOS Secure Web Appliance Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20435 \nPublished : July 17, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commands and elevate privileges to root.  \n  \n This vulnerability is due to insufficient validation of user-supplied input for the CLI. An attacker could exploit this vulnerability by authenticating to the system and executing a crafted command on the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root. To successfully exploit this vulnerability, an attacker would need at least guest credentials. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T19:53:42.000000Z"}, {"uuid": "f2266050-8c57-461b-9e08-773f56c95656", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/878", "content": "\u26a1\ufe0fResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T09:29:54.000000Z"}, {"uuid": "7fd150ce-4f12-4342-9492-be6bda657fb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/ejwuLqTxrHD_r3-5w6M_okMyZGnazaXxkG5LywhZwTAfiQ", "content": "", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "ac4ae222-cc30-42bf-9b06-cb0f916c02d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11189", "content": "#exploit\n1. CVE-2024-9043:\nCellopoint Secure Email Gateway - Buffer Overflow in authentication process\nhttps://github.com/maybeheisenberg/CVE-2024-9043\n\n2. CVE-2024-7120:\nRaisecom Command Injection\nhttps://github.com/codeb0ss/CVE-2024-7120-PoC\n]-> https://github.com/fa-rrel/CVE-2024-7120\n\n3. CVE-2024-20439/\nCVE-2024-20440:\nCisco Smart Licensing Utility Static Credential/Information Disclosure\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-25T22:02:36.000000Z"}, {"uuid": "3e197b9d-05f1-4f86-a465-882bcd877ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3llpjyeiatr2p", "content": "", "creation_timestamp": "2025-03-31T23:43:28.945356Z"}, {"uuid": "6082eff7-e020-40d6-bcd0-cf6f420fb44d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114212158674507923", "content": "", "creation_timestamp": "2025-03-23T14:14:06.526992Z"}, {"uuid": "c3f45f28-d1ab-400f-aa78-a5e7ef90be5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3lkx7het2i22x", "content": "", "creation_timestamp": "2025-03-22T07:31:08.224297Z"}, {"uuid": "c4dc41ea-51a7-4ff6-9bf5-2fe21ddd47e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html", "content": "", "creation_timestamp": "2025-03-21T04:09:00.000000Z"}, {"uuid": "6833f984-dbc3-4147-a370-73b50f6aef90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-c24d9afd-a8d3a11e9e0ebfdf", "content": "", "creation_timestamp": "2025-03-21T08:02:16.305307Z"}, {"uuid": "3a61ccf7-0d07-400a-8727-7e11a13bb27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "578008b1-a0e2-4cf9-94aa-5af50eef149a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:14.000000Z"}, {"uuid": "590e9baa-b2fe-40e0-8617-e26826896d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-21)", "content": "", "creation_timestamp": "2026-02-21T00:00:00.000000Z"}, {"uuid": "69854c60-60dc-41e1-9d66-5be9238411a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-16)", "content": "", "creation_timestamp": "2026-03-16T00:00:00.000000Z"}, {"uuid": "10c1443e-5219-4ade-baef-a456d55fcb6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-24)", "content": "", "creation_timestamp": "2026-03-24T00:00:00.000000Z"}, {"uuid": "bfb894bc-f14d-4900-bc51-bfaa93f50366", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-13)", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "bba534d2-5d3f-4178-a84b-2c484a6b5042", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9265", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-20439\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to log in to an affected system by using a static administrative credential.\n\nThis vulnerability is due to an undocumented static user credential for an administrative account. An attacker could exploit this vulnerability by using the static credentials to log in to the affected system. A successful exploit could allow the attacker to log in to the affected system with administrative privileges over the API of the Cisco Smart Licensing Utility application.\n\ud83d\udccf Published: 2024-09-04T16:28:39.669Z\n\ud83d\udccf Modified: 2025-03-28T03:55:49.443Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw", "creation_timestamp": "2025-03-28T04:29:58.000000Z"}, {"uuid": "6d6c38f0-c02b-4a19-818b-6fcaac40cc09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/claytechsolution/266", "content": "The Hacker News\nOngoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility\n\nTwo now-patched security flaws impacting Cisco Smart Licensing Utility are seeing active exploitation attempts, according to SANS Internet Storm Center.\nThe two critical-rated vulnerabilities in question are listed below - \n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account that an attacker could exploit to log in to an", "creation_timestamp": "2025-03-21T09:01:37.000000Z"}, {"uuid": "4ac3860f-0ac8-4702-b31d-5fcb55bf1139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/CyberBulletin/2742", "content": "\u26a1Hardcoded admin logins. Leaky debug logs. Cisco Smart Licensing Utility is under fire.\n\nHackers are actively exploiting CVE-2024-20439 & CVE-2024-20440\u2014both rated 9.8.\n\nAccess to admin creds & APIs is on the line.\n\n#CyberBulletin", "creation_timestamp": "2025-03-21T13:29:30.000000Z"}, {"uuid": "20bb98e1-5805-4ee9-a01f-85aad9e4b96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/19661", "content": "The Hacker News\nCisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T10:15:16.000000Z"}, {"uuid": "b373f5f8-7184-47f0-9f26-565c9ef2066c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/w7UA3BpYxIqL4T-o5IOdMJaNhGZ0ZmWdYhkbiw8oLP-yWQ", "content": "", "creation_timestamp": "2024-09-05T07:50:52.000000Z"}, {"uuid": "8ba6f099-dd64-48a5-98d2-e8bdf49be1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/KomunitiSiber/2515", "content": "Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks\nhttps://thehackernews.com/2024/09/cisco-fixes-two-critical-flaws-in-smart.html\n\nCisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.\nA brief description of the two vulnerabilities is below -\n\nCVE-2024-20439 (CVSS score: 9.8) - The presence of an undocumented static user credential for an administrative account", "creation_timestamp": "2024-09-05T09:22:17.000000Z"}, {"uuid": "1cb7e850-fe94-423d-9218-33319b152781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "Telegram/Pv_1_Yirmz44llZl3vJApgG_6NanniLXxKCtgiGXtFReH0M", "content": "", "creation_timestamp": "2025-03-24T13:08:31.000000Z"}, {"uuid": "89db1541-74c2-4fea-a10e-f7b49d9cce1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/true_secator/6171", "content": "Cisco \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u044f\u0432\u043d\u043e \u0437\u0430\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u0435\u0442 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u044f.\n\n\u0412\u043e-\u043f\u0435\u0440\u0432\u044b\u0445, \u0432 \u041f\u041e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445 Cisco Identity Services Engine (ISE) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438 \u043d\u0435\u0439\u0442\u0440\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c PoC.\n\n\u041a\u0430\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442\u00a0\u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434\u0430\u0445 CLI \u0432 ISE \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421 \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\nCVE-2024-20469 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0442 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u044f\u0435\u0442 Cisco, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443 \u043d\u0438\u0445 \u0443\u0436\u0435 \u0435\u0441\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445. \u0414\u043e \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0433\u043e \u0432\u0440\u0435\u043c\u0435\u043d\u0438 \u044d\u0442\u043e\u0433\u043e \u0435\u0449\u0435 \u043d\u0438\u043a\u0442\u043e \u043d\u0435 \u0441\u0434\u0435\u043b\u0430\u043b.\n\n\u0412\u043e-\u0432\u0442\u043e\u0440\u044b\u0445, Cisco \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043e\u0431\u00a0\u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u0431\u044d\u043a\u0434\u043e\u0440-\u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u00a0\u0432 \u0443\u0442\u0438\u043b\u0438\u0442\u0435 Smart Licensing Utility \u0434\u043b\u044f Windows, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u0445\u043e\u0434\u0430 \u0432 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCSLU - \u044d\u0442\u043e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 Windows, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043f\u043e\u043c\u043e\u0433\u0430\u0435\u0442 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u043c\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u043d\u0435 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u0445 \u043a \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c\u0443 \u0440\u0435\u0448\u0435\u043d\u0438\u044e Cisco Smart Software Manager.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f CVE-2024-20439 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u043e\u0439\u0442\u0438 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0447\u0435\u0440\u0435\u0437 API \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Cisco Smart Licensing Utility.\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 CLSU (CVE-2024-20440).\n\n\u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0444\u0430\u0439\u043b\u0430\u043c \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 (\u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 API), \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u044b \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.\n\n\u0415\u0441\u043b\u0438 \u0432\u0441\u0435 \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043d\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c (\u0432\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u043f\u043e\u043a\u0430), \u0442\u043e \u0441\u0430\u0439\u0442 Cisco Merchandise Store \u043f\u043e \u043f\u0440\u043e\u0434\u0430\u0436\u0435 \u0442\u043e\u0432\u0430\u0440\u043e\u0432 \u0441 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u043e\u0439 \u043f\u0435\u0440\u0435\u0436\u0438\u043b \u0430\u0442\u0430\u043a\u0443 CosmicSting (CVE-2024-34102) \u0438 \u0441\u0435\u0439\u0447\u0430\u0441 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043d\u0430 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438.\n\n\u0418\u043d\u044b\u043c\u0438 \u0441\u043b\u043e\u0432\u0430\u043c \u0431\u044b\u043b \u0432\u0437\u043b\u043e\u043c\u0430\u043d \u0438 \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u043b \u043a\u043e\u0434 JavaScript, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043a\u0440\u0430\u043b \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u043e\u0444\u043e\u0440\u043c\u043b\u0435\u043d\u0438\u0438 \u0437\u0430\u043a\u0430\u0437\u0430. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e, \u0432\u0437\u043b\u043e\u043c \u043f\u0440\u043e\u0438\u0437\u043e\u0448\u0435\u043b \u0432 \u043c\u0438\u043d\u0443\u0432\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435.\n\n\u0421\u0430\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0438\u043a\u0430\u043a \u043d\u0435 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0438\u0440\u0443\u0435\u0442 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442.", "creation_timestamp": "2024-09-05T15:19:45.000000Z"}, {"uuid": "fd002ad6-69cc-46f0-acc5-e6214de0df9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/InfoSecInsider/194", "content": "\u26a1\ufe0fCritical Cisco SLU Vulnerabilities CVE-2024-20439 and CVE-2024-20440 Threaten Remote Admin Control.\n\n#CyberBulletin", "creation_timestamp": "2024-09-06T11:36:43.000000Z"}, {"uuid": "75fcc24a-770c-4f10-bc44-27f7e53f91c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "exploited", "source": "https://t.me/thehackernews/6530", "content": "\ud83d\udd25 Hardcoded admin logins. Leaky debug logs. Cisco Smart Licensing Utility is under fire.\n\nHackers are actively exploiting CVE-2024-20439 & CVE-2024-20440\u2014both rated 9.8.\n\nAccess to admin creds & APIs is on the line.\n\nSee the full story \ud83d\udc49 https://thehackernews.com/2025/03/ongoing-cyber-attacks-exploit-critical.html", "creation_timestamp": "2025-03-21T06:15:07.000000Z"}, {"uuid": "d629ff98-6511-4d99-a716-3de90c3e88b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/9147", "content": "StarkeBlog - CVE Wednesday - CVE-2024-20439\n\nhttps://starkeblog.com/cve-wednesday/cisco/2024/09/20/cve-wednesday-cve-2024-20439.html", "creation_timestamp": "2024-09-22T08:43:59.000000Z"}, {"uuid": "02126f5f-6877-4568-bd41-c709c18692d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://t.me/CyberBulletin/25756", "content": "\u26a1\ufe0fResearcher Details CVE-2024-20439 (CVSS 9.8) Flaw in Cisco Smart Licensing Utility.\n\n#CyberBulletin", "creation_timestamp": "2024-09-24T11:01:54.000000Z"}, {"uuid": "68c65d87-0830-4dcc-bbb6-f1f6a8028fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llpwvee35k24", "content": "", "creation_timestamp": "2025-04-01T03:34:28.641012Z"}, {"uuid": "68490219-ab29-41fa-a8a0-a6c02eb22a7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3llpbxocxok22", "content": "", "creation_timestamp": "2025-03-31T21:19:56.363486Z"}, {"uuid": "bfef3998-4d77-4347-8cb8-6d0e1e68192e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll5m2fphmug2", "content": "", "creation_timestamp": "2025-03-24T20:34:21.433474Z"}, {"uuid": "ba0cc350-6ac9-428e-be07-816d903a3249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lkvkw2ye642d", "content": "", "creation_timestamp": "2025-03-21T15:50:53.157768Z"}, {"uuid": "6529cbba-a42f-4acc-89a8-a4042ee6c6a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6yo3watiy2", "content": "", "creation_timestamp": "2025-03-25T09:52:43.076439Z"}, {"uuid": "6bad21e3-024d-4484-be26-57514d9a08be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6mugzlxzo2", "content": "", "creation_timestamp": "2025-03-25T06:19:56.354487Z"}, {"uuid": "cec6166c-fc59-4754-96be-76358609e617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llb7xzhp2ap2", "content": "", "creation_timestamp": "2025-03-26T07:12:28.173271Z"}, {"uuid": "b80474b5-3af0-4dc6-a1e4-7e07c7a3bd33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llbdzwm7v6n2", "content": "", "creation_timestamp": "2025-03-26T08:26:52.393137Z"}, {"uuid": "67cdaf26-306d-4918-90f0-31a2d94cd2dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3ll6thtozmcy2", "content": "", "creation_timestamp": "2025-03-25T08:18:11.773394Z"}, {"uuid": "1ee10112-90ce-48ba-94bd-a6647705b8c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llrrgnjdsx2z", "content": "", "creation_timestamp": "2025-04-01T21:02:04.798153Z"}, {"uuid": "bc5aa522-ae5e-4bb0-98d7-8dd47a42f1d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llpjjhukl52g", "content": "", "creation_timestamp": "2025-03-31T23:35:09.255563Z"}, {"uuid": "baa3fd0a-7029-4a29-9741-6fd5e7e91592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3llwjzrcigx2d", "content": "", "creation_timestamp": "2025-04-03T18:32:54.504327Z"}, {"uuid": "cce353d3-dab3-493e-bf5e-099f3d22b8ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://threatintel.cc/2025/04/03/attackers-are-leveraging-cisco-smart.html", "content": "", "creation_timestamp": "2025-04-03T15:22:33.000000Z"}, {"uuid": "ab823af4-7d70-4002-af19-0eedae9d5b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/xc0py.bsky.social/post/3llwztzftjc23", "content": "", "creation_timestamp": "2025-04-03T23:16:01.675694Z"}, {"uuid": "fc8c4d6f-768d-413f-83cb-254552b884a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lm47muesgk2x", "content": "", "creation_timestamp": "2025-04-06T00:42:45.020049Z"}, {"uuid": "79205b99-0570-4fe4-ba2f-875efa27d5b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c", "content": "", "creation_timestamp": "2025-09-10T07:47:56.000000Z"}, {"uuid": "508a7ebc-dc7d-4bb4-bb57-5eca34e0fdca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20439", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "9d3b6393-bf72-4a4a-a69d-f5a073f1f4d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "7a1c057b-b4f9-47a0-ab1f-74baa922bbf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "10fdae28-8a66-4c6c-a84c-cd978dc9f4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "cc93ee7a-4fba-47be-9763-31cac69a1f99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "930b319c-d3a4-43a5-81cb-ee9e1c1f4965", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "36dc3293-f214-42f3-90fe-63113c3f4d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "12631f73-7e10-45ee-8ffa-75db2d960350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}, {"uuid": "3fc96f28-24ea-4cd7-b180-435423f0afea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20433", "type": "seen", "source": "https://www.jerrygamblin.com/2025/01/05/2024-cve-data-review/", "content": "", "creation_timestamp": "2025-01-04T23:04:57.000000Z"}]}