Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on its Smart Software Manager On-Prem license servers (CVE-2024-20419). Neither of the flaws are exploited in the wild, but both are remotely exploitable by unauthenticated attackers, so prompt action is advised.

Source: Help Net Security