According to the two deficiencies affecting Sans Internet Storm Center.
A Two vulnerabilities of a critical evaluation over the question given below –
- Cve-2024-20439 (CVSS assessment: 9.8) – Having undocumented static account users for an administrative account that the attacker could use to enter the affected system
- Cve-2024-20440 (CVSS assessment: 9.8) – a vulnerability that arises from -wit the excessively long -word debug log that can apply to access such files by means of a http request and get credentials that can be used to access API
Successful exploitation of disadvantages can allow an attacker to enter the affected system with administrative privileges, as well as get log files that contain sensitive data, including credentials that can be used to access API.
Given this, the vulnerability is only used in the scripts when the utility is actively working.
A drawnwhich are affected by 2.0.0, 2.1.0 and 2.2.0, since then Cisco in September 2024.
As of March 2025, Threat Actor has been observed assoting to actively exploit the two vulnerabilities, sans technology institute’s deanch Johannes B. Ullrich Said, Adding Actors Are Also Weaponizing Other Flaws, Including What Appears To Be An Information Disclosure Flaw (Cve-2024-0305.
It is now unknown what the company is the final goal or who is behind it. In light of active abuse, it is very important that users use the necessary patches to optimal protection.
