As we race towards the weekend, several hard-hitting security bulletins have landed. Let me give you a quick rundown of the most … interesting ones?
We’ve got Fortinet with CVE-2024-21762, an out-of-bounds write vulnerability in the SSL VPN service of FortiOS that allows remote code execution and affects a broad range of FortiOS versions. Only FortiOS 7.6 comes out unscathed and requires no action if you’re running that version. It carries a CVSSv3 score of 9.6, and the vendor recommends either patching immediately or disabling the SSL VPN until you can patch. This is quite a severe one that requires attention.
Relevant information can be found on the Fortinet PSIRT site, via this hotlink, and of course on the spotitsecurity.com website as well.
Next up we have a returning contestant, Ivanti. Just shy of a month after the CVE-2023-46805 and CVE-2024-21887 vulnerabilities in their Secure Gateways, we are being notified of another, somewhat related vulnerability, aptly named CVE-2024-2202. It again concerns the Ivanti Connect Secure and Ivanti Policy Secure products; Ivanti has not seen any active exploitation of this vulnerability just yet. Customers who applied the patches of 31 January or 1 February and completed a factory reset do not need to do so again. The advice remains to patch immediately.
Ivanti has posted this information on their website, and we have a short summary available as well.
A third, and hopefully final, recent major vulnerability announcement came from Juniper, whose Junos OS appears to suffer from a classic stack-based overflow which, when exploited, can result in remote code execution without authentication. Not something you would want to keep around. CVE-2024-21591 scores a respectable CVSSv3 9.8, also warranting some love from the local administration team. Juniper was kind enough to describe the problem, mitigation, and vulnerable versions in an article on their Knowledge Base. However, Cursesec also posted an article indicating that more versions are susceptible to this exploit than those listed by Juniper. So if you’re still rocking one of these, you might also want to check out the mitigation path.
Besides all of this, how’s your read-only Friday going?
As always, the spotit security team is keeping an eye on what’s happening out there, and our NOC is hard at work implementing the required patches on the managed infrastructure of our customers.