Date: 2025-03-21

Exploiting the static credential flaw, tracked as CVE-2024-20439, with simple fixed passwords could facilitate the compromise of a log file exposed by the information disclosure bug, tracked as CVE-2024-20440, and eventual access to targeted devices, according to SANS Internet Storm Center's Johannes Ullrich, who remains uncertain whether the attempted exploitation succeeded. Malicious activity has been associated with a botnet with at least 10 bots facilitating scanning and attacks. "In addition to the Cisco vulnerabilities, this botnet also scans for exposed secrets. For example, backup files like /backup.gz that are sometimes left behind by careless administrators. The bots that are part of this botnet have been scanning for a variety of vulnerabilities for a few weeks now," said Ullrich.