New Security Vulnerabilities Found in Fortinet, Palo Alto Networks, and Cisco – Immediate Fixes Available

Oct 10, 2024 | News

Serious security vulnerabilities have recently been discovered in products from Fortinet, Palo Alto Networks, and Cisco, posing a high risk to your systems if not promptly addressed. These vulnerabilities have been identified and rated with high CVSS scores, with some reaching 9.9 out of 10, classified as Critical.

Below is a list of the security vulnerabilities (CVEs) categorized by operating system and vendor, along with detailed descriptions for each vulnerability:

  1. Fortinet (FortiOS, FortiPAM, FortiProxy, FortiWeb)

    Affected Operating Systems/Software:

    • FortiOS
    • FortiPAM
    • FortiProxy
    • FortiWeb

    Vulnerability:

    • CVE-2024-23113 (CVSS score: 9.8)

      Type: Remote Code Execution

      Description: This vulnerability relates to the use of externally controlled format strings (CWE-134) in the fgfmd daemon of FortiOS. An unauthenticated remote attacker can exploit this vulnerability to execute arbitrary code or commands through specially crafted requests.

      Severity Level: Critical

      Exploitation Status: Actively being exploited.

      Requirement: FCEB government agencies must apply the patch by October 30, 2024, to ensure safety.

  2. Palo Alto Networks (Expedition)

    Affected Software:

    • Expedition (All versions prior to 1.2.96)

    Vulnerabilities:

    • CVE-2024-9463 (CVSS score: 9.9)

      Type: OS Command Injection

      Description: This vulnerability allows an unauthenticated attacker to execute operating system commands with root privileges on the system.

      Severity Level: Critical

    • CVE-2024-9464 (CVSS score: 9.3)

      Type: OS Command Injection

      Description: This vulnerability allows an authenticated attacker to execute operating system commands with root privileges.

      Severity Level: Critical

    • CVE-2024-9465 (CVSS score: 9.2)

      Type: SQL Injection

      Description: This vulnerability allows an unauthenticated attacker to disclose the contents of the Expedition database.

      Severity Level: High

    • CVE-2024-9466 (CVSS score: 8.2)

      Type: Cleartext Storage of Sensitive Information

      Description: An authenticated attacker can disclose usernames, passwords, and firewall API keys generated from these credentials.

      Severity Level: High

    • CVE-2024-9467 (CVSS score: 7.0)

      Type: Reflected Cross-Site Scripting (XSS)

      Description: This vulnerability allows the execution of malicious JavaScript code in the context of the authenticated Expedition user’s browser when the user clicks on a malicious link. This could lead to phishing attacks and session hijacking.

      Severity Level: Medium

  3. Cisco (Nexus Dashboard Fabric Controller – NDFC)

    Affected Software:

    • Nexus Dashboard Fabric Controller (NDFC), versions prior to 12.2.2

    Vulnerability:

    • CVE-2024-20432 (CVSS score: 9.9)

      Type: Command Injection

      Description: This vulnerability involves improper user authorization and insufficient validation of command parameters. An authenticated remote attacker with low privileges could perform a command injection attack on the affected device.

      Severity Level: Critical

      Patch Version: Fixed in NDFC version 12.2.2. Older versions (11.5 and earlier) are not affected.

To mitigate risks, businesses should promptly apply the latest patches from vendors. Limit remote access and only allow authorized users to access the system. Additionally, monitor for real-world attack signals and implement additional security measures as necessary.