Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices.
The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6) and CVE-2024-20255 (CVSS score: 8.2) – impacting Cisco Expressway Series that could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks.
All of the issues, which were found during internal security testing, stem from insufficient CSRF protections for the web-based management interface that could permit an attacker to perform arbitrary actions with the privilege level of the affected user.
“If the affected user has administrative privileges, these actions could include modifying the system configuration and creating new privileged accounts,” Cisco said about CVE-2024-20252 and CVE-2024-20254.
On the other hand, successful exploitation of CVE-2024-20255 targeting a user with administrative privileges could enable the threat actor to overwrite system configuration settings, resulting in a denial-of-service (DoS) condition.
Another crucial distinction between the two sets of flaws is that while the former two affect Cisco Expressway Series devices in the default configuration, CVE-2024-20252 only impacts them if the cluster database (CDB) API feature has been enabled. It is disabled by default.
Patches for the vulnerabilities are available in Cisco Expressway Series Release versions 14.3.4 and 15.0.0.
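The Cisco flaws above come down to a web management interface that accepts state-changing requests without proving they originated from its own pages. The following is an added illustration, not Cisco's code or anything from the Expressway advisory, of the two checks such an interface needs before honouring a request with the logged-in user's privileges: a per-session anti-CSRF token echoed back by the form, and an Origin/Referer check against the site's own origin. The admin hostname, header dictionaries and request shapes are constructed for the example.

```python
import hmac
import secrets
from urllib.parse import urlparse

# Hypothetical admin-interface origin; any real deployment would read this
# from configuration rather than hard-code it.
ALLOWED_ORIGIN = "https://expressway.example.internal"

SAFE_METHODS = ("GET", "HEAD", "OPTIONS")


def issue_csrf_token() -> str:
    """Mint an unguessable token; store it in the session and embed it in every form."""
    return secrets.token_urlsafe(32)


def request_origin_allowed(headers: dict) -> bool:
    """Accept the request only if the browser attributes it to our own origin.

    Browsers attach Origin to cross-site POSTs; if it is absent we fall back to
    Referer, and if neither is present we refuse, since a forged request is
    indistinguishable from a legitimate one without them.
    """
    origin = headers.get("Origin")
    if origin is None:
        referer = headers.get("Referer")
        if referer is None:
            return False
        parsed = urlparse(referer)
        origin = f"{parsed.scheme}://{parsed.netloc}"
    return origin == ALLOWED_ORIGIN


def csrf_token_valid(session_token, submitted_token) -> bool:
    """Compare the form's token with the session's in constant time."""
    if not session_token or not submitted_token:
        return False
    return hmac.compare_digest(session_token, submitted_token)


def authorize_state_change(method: str, headers: dict, session: dict, form: dict) -> bool:
    """Gate a request such as 'create privileged account' or 'overwrite config'.

    Safe methods pass because they must not change state at all; everything
    else needs both a matching origin and a valid anti-CSRF token.
    """
    if method.upper() in SAFE_METHODS:
        return True
    return request_origin_allowed(headers) and csrf_token_valid(
        session.get("csrf_token"), form.get("csrf_token")
    )


if __name__ == "__main__":
    # Constructed requests: one from the interface's own page, one forged
    # from another site that cannot know the session token.
    session = {"csrf_token": issue_csrf_token()}
    legit = authorize_state_change(
        "POST", {"Origin": ALLOWED_ORIGIN}, session, {"csrf_token": session["csrf_token"]}
    )
    forged = authorize_state_change(
        "POST", {"Origin": "https://attacker.example"}, session, {}
    )
    print("legitimate request allowed:", legit)
    print("cross-site request allowed:", forged)
```

Both checks are kept because they fail independently: the origin check protects even if a token leaks, and the token protects browsers or proxies that strip Origin and Referer. Rejecting requests that carry neither header is the conservative choice for an administrative interface.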
Fortinet, for its part, has released a second round of updates to address what are bypasses for a previously disclosed critical flaw (CVE-2023-34992, CVSS score: 9.7) in FortiSIEM supervisor that could result in the execution of arbitrary code, according to Horizon3.ai researcher Zach Hanley.
Tracked as CVE-2024-23108 and CVE-2024-23109 (CVSS scores: 9.8), the flaws “may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests.”
It's worth noting that Fortinet resolved another variant of CVE-2023-34992 by closing out CVE-2023-36553 (CVSS score: 9.3) in November 2023. The two new vulnerabilities are/will be plugged in the following versions –
- FortiSIEM version 7.1.2 or above
- FortiSIEM version 7.2.0 or above (upcoming)
- FortiSIEM version 7.0.3 or above (upcoming)
- FortiSIEM version 6.7.9 or above (upcoming)
- FortiSIEM version 6.6.5 or above (upcoming)
- FortiSIEM version 6.5.3 or above (upcoming), and
- FortiSIEM version 6.4.4 or above (upcoming)
Completing the trifecta is VMware, which has warned of five moderate-to-important severity flaws in Aria Operations for Networks (formerly vRealize Network Insight) –
- CVE-2024-22237 (CVSS score: 7.8) – Local privilege escalation vulnerability that allows a console user to gain regular root access
- CVE-2024-22238 (CVSS score: 6.4) – Cross-site scripting (XSS) vulnerability that allows a malicious actor with admin privileges to inject malicious code into user profile configurations
- CVE-2024-22239 (CVSS score: 5.3) – Local privilege escalation vulnerability that allows a console user to gain regular shell access
- CVE-2024-22240 (CVSS score: 4.9) – Local file read vulnerability that allows a malicious actor with admin privileges to access sensitive information
- CVE-2024-22241 (CVSS score: 4.3) – Cross-site scripting (XSS) vulnerability that allows a malicious actor with admin privileges to inject malicious code and take over the user account
To mitigate the risks, all users of VMware Aria Operations for Networks version 6.x are being recommended to upgrade to version 6.12.0.
Considering the history of exploitation when it comes to Cisco, Fortinet, and VMware flaws, patching is an important and necessary first step that organizations need to take to address the shortcomings.