CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products

March 26, 2024 at 02:21AM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three security flaws to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation. All three are injection flaws: SQL injection in Fortinet FortiClient EMS, code injection in Ivanti Endpoint Manager Cloud Service Appliance, and OS command injection in Nice Linear eMerge E3-Series. Federal agencies must apply the mitigations by April 15, 2024, following a joint alert from CISA and the FBI.

Key points:

1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three security flaws to its Known Exploited Vulnerabilities catalog due to evidence of active exploitation.

2. The vulnerabilities added are:
   - CVE-2023-48788: Fortinet FortiClient EMS SQL Injection Vulnerability (CVSS score: 9.3)
   - CVE-2021-44529: Ivanti Endpoint Manager Cloud Service Appliance Code Injection Vulnerability (CVSS score: 9.8)
   - CVE-2019-7256: Nice Linear eMerge E3-Series OS Command Injection Vulnerability (CVSS score: 10.0)

3. The Fortinet FortiClient EMS vulnerability has been confirmed as exploited in the wild. It allows unauthorized code or command execution through crafted requests.

4. The Ivanti Endpoint Manager Cloud Service Appliance vulnerability allows an unauthenticated user to execute malicious code with limited permissions and may have been introduced as an intentional backdoor in an open-source project.

5. The Nice Linear eMerge E3-Series vulnerability permits remote code execution and was exploited by threat actors as early as February 2020. The company has addressed this flaw and 11 other bugs.

6. CISA and the FBI released a joint alert urging software manufacturers to take steps to mitigate SQL injection flaws, specifically highlighting the exploitation of a critical SQL injection vulnerability by the Cl0p ransomware gang to breach organizations.

7. Federal agencies are required to apply vendor-provided mitigations for the three vulnerabilities by April 15, 2024, due to active exploitation.
