CISA Updates Known Exploited Vulnerabilities Catalog with Ivanti CSA and Fortinet Products Bugs
October 14, 2024
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included new vulnerabilities in its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities pertain to Ivanti's Cloud Service Appliance (CSA) and Fortinet products.
Last week, Ivanti issued a warning regarding three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its CSA. These vulnerabilities are being actively exploited in attacks. Threat actors are combining these three vulnerabilities with the CSA zero-day CVE-2024-8963 (with a CVSS score of 9.4) that Ivanti addressed in September. These vulnerabilities could be exploited by threat actors to conduct SQL injection attacks, execute arbitrary code via command injection, and bypass security restrictions by exploiting a path traversal weakness on vulnerable CSA gateways.
Ivanti stated in its advisory, “We are aware of a limited number of customers running CSA 4.6 patch 518 and prior who have been exploited when CVE-2024-9379, CVE-2024-9380 or CVE-2024-9381 are chained with CVE-2024-8963.” It further noted, “We have no evidence of any other vulnerabilities being exploited in the wild. These vulnerabilities do not impact any other Ivanti products or solutions.”
As per the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal civilian executive branch (FCEB) agencies are required to address these identified vulnerabilities by the stipulated deadline to safeguard their networks against attacks exploiting these flaws. Experts also advise private organizations to review the Catalog and address the vulnerabilities in their infrastructure.
CISA has mandated federal agencies to rectify this vulnerability by October 30, 2024.
Related News
- Ivanti Alerts on Three New Actively Exploited CSA Zero-Days
- Ivanti Cloud Services Appliance Vulnerability Added to CISA's Known Exploited Vulnerabilities Catalog
- Critical CSA Vulnerability Exploited in Attacks: Ivanti Issues Warning
Latest News
- Nation-State Threat Actors Exploit Ivanti CSA Zero-Day Vulnerabilities
- Iran's APT34 Intensifies Cyberattacks Exploiting Windows Flaw
- Russian APT29 Group Targets Zimbra and JetBrains TeamCity Servers
- CISA Issues Warning on Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance
- Ransomware Gangs Exploit Critical Veeam RCE Flaw: Akira and Fog Ransomware in Focus
Like what you see?
Get a digest of headlines, vulnerabilities, risk context, and more delivered to your inbox.