Fortra® Security & Trust Center

Emerging Threats

Multiple Vulnerabilities Impacting rsync

Fri, 01/17/2025
Fortra is actively researching multiple vulnerabilities impacting rsync: CVE-2024-12084: CVSS 3.1: 9.8, CVE-2024-12085: CVSS 3.1: 7.5, CVE-2024-12086: CVSS 3.1: 6.1, CVE-2024-12087: CVSS 3.1: 6.5, CVE-2024-12088: CVSS 3.1: 6.5, CVE-2024-12747: CVSS 3.1: 5.6.
Patch Tuesday
Blog

Patch Tuesday Update January 2025

By Tyler Reguly on Thu, 01/16/2025
Microsoft definitely didn’t want to waste any time jumping into 2025 patching 161 CVEs with the January Patch Tuesday. There are 159 CVEs issued by Microsoft, 1 by CERT CC, and 1 by GitHub.
Emerging Threats

FortiOS & FortiProxy: Authentication Bypass in Node.js Websocket Module

Wed, 01/15/2025
Fortra is actively researching a critical authentication bypass vulnerability CVE-2024-55591 in the Node.js websocket module affecting FortiOS firewalls and FortiProxy web gateways. This vulnerability affects FortiOS firewalls and FortiProxy web gateways and has been exploited as a zero-day by attackers to compromise publicly-exposed FortiGate firewalls.
Tripwire VERT Security Update
Blog

VERT Threat Alert: January 2025 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/14/2025
Today’s VERT Alert addresses Microsoft’s January 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1139 as soon as coverage is completed.In-The-Wild & Disclosed CVEsCVE-2025-21333The first of three Hyper-V vulnerabilities this month is a heap-based buffer overflow that leads to privilege escalation to SYSTEM. Microsoft has reported this...
Automation
Threat Research & Intelligence
Emerging Threats

Ivanti Unauthenticated Remote Code Execution

Thu, 01/09/2025
Fortra is actively researching vulnerabilities in Ivanti Connect Secure, Policy Secure, and ZTA Gateways – CVE-2025-0282 and CVE-2025-0283. Successful exploitation of CVE-2025-0282 could lead to unauthenticated remote code execution, while CVE-2025-0283 could allow a local authenticated attacker to escalate privileges. Ivanti has begun to release patches for these vulnerabilities, and customers should upgrade as soon as relevant patches are released.
Security Advisory

Session Cookie Set Without 'Secure' Attribute in PowerHA Web Interface

Tue, 01/07/2025
PowerHA does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic.
FI-2025-002
Medium
CVE-2024-55897
Emerging Threats

PAN-OS Firewall Denial of Service Vulnerability

Tue, 12/31/2024
Fortra is actively researching a vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software – CVE-2024-3393. This vulnerability could allow an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall to enter maintenance mode. Palo Alto has released fixes for this vulnerability, and customers are encouraged to update to a fixed version as soon as possible.
Emerging Threats

Apache Tomcat Remote Code Execution Vulnerability

Tue, 12/24/2024
Fortra is actively researching critical vulnerabilities in Apache Tomcat – CVE-2024-50379 and CVE-2024-56337. An incomplete patch of CVE-2024-50379 could result in code execution on case-insensitive file systems when the default servlet is enabled for write. Users are recommended to update Tomcat installations to the latest secure version to fully mitigate these vulnerabilities.