Top Security Vulnerabilities CVEs for February 5

This week’s top new CVE vulnerabilities spotlight a range of critical security issues affecting popular software and systems, highlighting the ongoing challenge of cybersecurity management.

1. Fortinet FortiOS SSL VPN Vulnerability (CVE-2024-21762): A critical out-of-bound write vulnerability in Fortinet’s FortiOS SSL VPN is reportedly being exploited in the wild. This vulnerability follows a history of exploitations targeting Fortinet devices, particularly those with SSL VPN functionality, by various nation-state threat actors and ransomware groups. Fortinet has published advisories urging users to update their devices to patched versions to mitigate this risk​​.
2. Ivanti Connect Secure and Policy Secure Vulnerabilities: A series of vulnerabilities in Ivanti Connect Secure and Policy Secure gateways have been identified, with updates provided on CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, and CVE-2024-21893. These vulnerabilities have prompted emergency directives from CISA for Federal Civilian Executive Branch agencies to mitigate the risks through disconnection or updating affected systems. The presence of exploit code for CVE-2024-21893 and the release of new vulnerabilities highlight the critical nature of these flaws​​.
3. Server-Side Request Forgery (SSRF) Vulnerability in Ivanti Products (CVE-2024-21893): CISA has added this SSRF vulnerability affecting Ivanti Connect Secure, Policy Secure, and Neurons to its Known Exploited Vulnerabilities Catalog, indicating evidence of active exploitation. This vulnerability poses significant risks to the federal enterprise, underscoring the importance of timely remediation​​.
4. Critical Jenkins and Fortra Vulnerabilities: Jenkins has addressed a critical Local File Inclusion vulnerability (CVE-2024-23897) in its software, and Fortra has fixed a critical authentication bypass flaw (CVE-2024-0204) in GoAnywhere MFT. These vulnerabilities highlight the need for regular security updates and vigilance in monitoring for potential exploitation​​.
5. Microsoft Patch Tuesday January 2024: Microsoft’s first Patch Tuesday of 2024 addressed 49 vulnerabilities across its product range, including critical Remote Code Execution vulnerabilities in Kerberos (CVE-2024-20674) and Windows Hyper-V (CVE-2024-20700). The diversity of the vulnerabilities patched underscores the complexity of securing modern IT environments​​.

These vulnerabilities underscore the critical importance of maintaining up-to-date security practices and the constant vigilance required to protect against evolving cyber threats. Organizations are strongly encouraged to review these vulnerabilities, apply necessary patches, and implement recommended mitigations to safeguard their systems against potential attacks.