CISA Alerts on Active Exploitation of Fortinet, Ivanti, and Nice Product Flaws

cisa nice ivanti fortinet

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has just updated its list of Known Exploited Vulnerabilities (KEV) with three important additions, all indicating ongoing cyber attacks.

Here’s what you need to know:

  • Fortinet FortiClient EMS SQL Injection Vulnerability (CVE-2023-48788): This flaw, with a severity score of 9.3, allows attackers to execute unauthorized code or commands through specially crafted requests. Fortinet has confirmed that this vulnerability has indeed been exploited, although details about the attacks are still limited.
  • Ivanti Endpoint Manager Cloud Service Appliance Code Injection Vulnerability (CVE-2021-44529): With a high severity score of 9.8, this vulnerability enables unauthenticated users to run malicious code with restricted permissions. Recent research suggests that this flaw might have originated as a deliberate backdoor in an open-source project dating back to 2014.
  • Nice Linear eMerge E3-Series OS Command Injection Vulnerability (CVE-2019-7256): This critical vulnerability, with a severity score of 10.0, allows remote code execution on Nice Linear eMerge E3-Series access controllers. Threat actors have been exploiting this flaw since February 2020, although Nice has since addressed it along with 11 other bugs reported by security researcher Gjoko Krstic.

In response to these active exploits, federal agencies have been directed to implement the mitigations provided by the vendors before April 15, 2024.

This development follows a joint alert from CISA and the FBI, emphasizing the urgent need for software manufacturers to address SQL injection vulnerabilities. This advisory highlights the recent exploitation of CVE-2023-34362, a critical SQL injection vulnerability in Progress Software’s MOVEit Transfer, by the Cl0p ransomware gang, which has affected numerous organizations.

Despite the long-standing awareness of SQL injection vulnerabilities and available mitigations, the agencies express concern that some software manufacturers continue to release products with such defects, putting countless customers at risk.

1 thought on “CISA Alerts on Active Exploitation of Fortinet, Ivanti, and Nice Product Flaws”

  1. Pingback: ASEAN Countries On Target of Chinese Hackers Since 2023 ?

Comments are closed.

Scroll to Top