Cisco Fixes Two Critical Flaws in Smart Licensing Utility to Prevent Remote Attacks

Cisco has released security updates for two critical security flaws impacting its Smart Licensing Utility that could allow unauthenticated, remote attackers to elevate their privileges or access sensitive information.
A brief description of the two vulnerabilities is below –

CVE-2024-20439 (CVSS score: 9.8) – The presence of an undocumented static user credential for an administrative account