Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

A Comprehensive Analysis of the Latest Cybersecurity Threats: U.S. CISA Adds Fortinet FortiOS Flaw to its Known Exploited Vulnerabilities Catalog



A critical vulnerability has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), highlighting the need for prompt action from affected organizations using Fortinet FortiOS software. The newly identified authorization bypass vulnerability poses a significant threat, emphasizing the importance of timely patching and vulnerability management to prevent exploitation by malicious actors.

  • Pierluigi Paganini has shared an update on a critical vulnerability in Fortinet's FortiOS software.
  • A new authorization bypass vulnerability (CVE-2024-55591, CVSS score: 9.6) poses a significant threat to organizations using FortiOS and FortiProxy software.
  • Remote attackers can exploit the vulnerability via crafted Node.js WebSocket requests, bypassing authentication and gaining super-admin access.
  • The vulnerability affects FortiOS (7.0.0-7.0.16) and FortiProxy (7.0.0-7.0.19, 7.2.0-7.2.12).
  • CISA has added the vulnerability to its Known Exploited Vulnerabilities (KEV) catalog and urges organizations to implement a swift mitigation strategy.
  • Other vulnerabilities have been added to the KEV catalog, including Microsoft Windows Hyper-V NT Kernel Integration VSP vulnerabilities.
  • CISA recommends that federal agencies address these vulnerabilities by February 2, 2025, as part of its Binding Operational Directive (BOD) 22-01.



    • Pierluigi Paganini, a renowned security expert, recently shared an update on his blog regarding a critical vulnerability in the Fortinet FortiOS software that has been added to the Known Exploited Vulnerabilities (KEV) catalog by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). The newly identified authorization bypass vulnerability, tracked as CVE-2024-55591 (CVSS score: 9.6), poses a significant threat to organizations using FortiOS and FortiProxy software.

    According to the advisory released by CISA, remote attackers can exploit this vulnerability to bypass authentication and gain super-admin access via crafted Node.js WebSocket requests. The vendor has confirmed that it is aware of attacks in the wild exploiting this vulnerability, highlighting the need for prompt action from affected organizations. This critical security flaw was not previously disclosed and serves as a stark reminder of the importance of staying up-to-date with the latest security patches.

    Furthermore, this vulnerability impacts FortiOS (7.0.0-7.0.16) and FortiProxy (7.0.0-7.0.19, 7.2.0-7.2.12), emphasizing that organizations using these software versions are particularly vulnerable to exploitation. Given the severity of this vulnerability, it is imperative that affected organizations implement a swift and comprehensive mitigation strategy.

    In addition to the Fortinet vulnerability, CISA has also added several other flaws to its KEV catalog, including CVE-2025-21333, CVE-2025-21334, and CVE-2025-21335, all of which are related to Microsoft Windows Hyper-V NT Kernel Integration VSP vulnerabilities. These newly identified vulnerabilities pose significant risks to organizations using these software versions.

    CISA has emphasized the need for federal agencies to address these vulnerabilities by February 2, 2025, as part of its Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities. Moreover, private organizations are also urged to review the KEV catalog and take necessary steps to secure their infrastructure.

    In light of these critical security threats, it is essential for organizations to prioritize timely patching and vulnerability management to prevent exploitation by malicious actors. As CISA continues to monitor and address emerging security risks, it is crucial that organizations remain vigilant and proactive in safeguarding their networks and data.

    The impact of this vulnerability highlights the importance of continuous monitoring and vulnerability management. Organizations must implement a robust security posture that includes regular patching, vulnerability scanning, and incident response planning to mitigate the effects of such threats. By taking swift action and staying informed about emerging security risks, organizations can significantly reduce their risk profile and protect themselves against potential cyber threats.

    In conclusion, the addition of the Fortinet FortiOS authorization bypass vulnerability to the KEV catalog serves as a stark reminder of the importance of prioritizing cybersecurity. As CISA continues to monitor and address emerging security risks, it is essential for organizations to stay vigilant and proactive in safeguarding their networks and data.

    Related Information:

  • https://securityaffairs.com/173098/security/u-s-cisa-adds-fortinet-fortios-known-exploited-vulnerabilities-catalog.html

  • https://nvd.nist.gov/vuln/detail/CVE-2024-55591

  • https://www.cvedetails.com/cve/CVE-2024-55591/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-21333

  • https://www.cvedetails.com/cve/CVE-2025-21333/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-21334

  • https://www.cvedetails.com/cve/CVE-2025-21334/

  • https://nvd.nist.gov/vuln/detail/CVE-2025-21335

  • https://www.cvedetails.com/cve/CVE-2025-21335/


    • Published: Fri Jan 17 10:47:06 2025 by llama3.2 3B Q4_K_M


         


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us