As of February 7th, 2024, three technology giants in the dynamic landscape of InfoSec: Cisco, Fortinet, and VMware, have recently unveiled critical security vulnerabilities in their systems. If left unaddressed these weaknesses could lead to a plethora of arbitrary actions, emphasizing the criticality of swift patching and timely updates. This security advisory will delve into the specifics of the disclosed vulnerabilities, their potential impacts, and the recommended steps to protect your digital defenses.
- Cisco Expressway Series: Cisco has identified three critical flaws, CVE-2024-20252, CVE-2024-20254, and CVE-2024-20255, affecting the Expressway Series. With a CVSSv3 Score of 9.6, these pose a sizeable risk for exploit of cross-site request forgery (CSRF) attacks, potentially allowing unauthorized activity. Furthermore, CVE-2024-20255 could lead to a denial-of-service (DoS) condition. With no workarounds, organizations are urged to apply patches available in Cisco Expressway Series Release versions 14.3.4 and 15.0.0 to mitigate these risks.
- Fortinet FortiSIEM Supervisor: Fortinet has released updates addressing bypasses for a previously disclosed critical flaw (CVE-2023-34992) in FortiSIEM Supervisor. The new variants, CVE-2024-23108 and CVE-2024-23109, may enable unauthenticated attackers to execute unauthorized commands through crafted API requests. With a score of 9.8 on the CVSSv3 System, Fortinet recommends updating to FortiSIEM versions 7.1.2 or above as soon as possible.
- VMware Aria Operations for Networks: VMware has disclosed five severity flaws ranging from 4.3 to 7.8 on CVSSv3 in Aria Operations for Networks, formerly known as vRealize Network Insight. These involve issues like local privilege escalation, cross-site scripting (XSS), and local file read vulnerabilities that could lead to unauthorized access to sensitive information. Users are strongly advised to upgrade to version 6.12.0, which VMware has detailed in a response matrix in the link above for ease of mitigation.
The acknowledgment of critical vulnerabilities by Cisco, Fortinet, and VMware underscores the relentless cat-and-mouse game between cybersecurity professionals and attackers. As history has shown, prompt patching is the first line of defense against potential exploits. Additionally, routine vulnerability scanning, managed SIEM, penetration testing, and device audits are the gold standard to building cybersecurity resilience.
Organizations are strongly encouraged to prioritize the implementation of the mentioned updates to bolster their cybersecurity posture. By staying vigilant and proactive, businesses can minimize the risk of falling victim to cyber threats and ensure the security and integrity of their digital infrastructure.