CISA Updates Known Exploited Vulnerabilities Catalog with Ivanti CSA and Fortinet Products Bugs

October 14, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included new vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities pertain to Ivanti's Cloud Service Appliance (CSA) and Fortinet products.

Last week, Ivanti issued a warning regarding three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its CSA. These vulnerabilities are being actively exploited in attacks. Threat actors are combining these three vulnerabilities with the CSA zero-day CVE-2024-8963 (with a CVSS score of 9.4) that Ivanti addressed in September. These vulnerabilities could be exploited by threat actors to conduct SQL injection attacks, execute arbitrary code via command injection, and bypass security restrictions by exploiting a path traversal weakness on vulnerable CSA gateways.

Ivanti stated in its advisory, “We are aware of a limited number of customers running CSA 4.6 patch 518 and prior who have been exploited when CVE-2024-9379, CVE-2024-9380 or CVE-2024-9381 are chained with CVE-2024-8963.” It further noted, “We have no evidence of any other vulnerabilities being exploited in the wild. These vulnerabilities do not impact any other Ivanti products or solutions.”

As per the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal civilian executive branch (FCEB) agencies are required to address these identified vulnerabilities by the stipulated deadline to safeguard their networks against attacks exploiting these flaws. Experts also advise private organizations to review the Catalog and address the vulnerabilities in their infrastructure.

CISA has mandated federal agencies to rectify this vulnerability by October 30, 2024.

Related News

Latest News

Like what you see?

Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.

Subscribe Below

By submitting this form, you’re giving us permission to email you. You may unsubscribe at any time.

Accelerate Security Teams

Continuously identify and prioritize the risks that are most critical in your environment, and validate that your remediation efforts are reducing risk. An always-on single source-of-truth of your assets, services, and vulnerabilities.