Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

CVE-2024-23113 is a critical (9.8) Fortinet FortiOS vulnerability allowing remote, unauthenticated attackers to execute arbitrary code or commands using specially crafted requests. The flaw uses an externally-controlled format string vulnerability in the FortiOS fgfmd daemon.

Whether you’re the CISO or part of the incident response team, it’s likely you have heard of exposure management (EM). Introduced by Gartner in 2022 as the evolution of vulnerability management (VM), the name “exposure management” was adopted by vendors faster than you can say “next gen” or “AI-powered”. Unfortunately for consumers the hype added more confusion than clarity. This blog is a chance to reset expectations.

Attack surface analysis and mapping are a crucial first step in the attack surface management (ASM) process. Before an organization can effectively manage its attack surface, it needs to have a complete understanding of what that attack surface is. Attack surface analysis and mapping provides this initial understanding by inventorying an organization’s assets, their vulnerabilities, and the potential threats that they may face.

With EASM now a critical piece of security operations, it seems like every vendor is jumping into the EASM pool. But not all EASM products are created equal. Companies in adjacent markets, like threat intelligence, are creating attack surface scanning products that are well short of enterprise grade. The shortcomings of these basic EASM products can waste time, erode confidence in security teams, and give an inaccurate picture of organizational risk.

As cyber threats evolve, the importance of attack surface monitoring has never been clearer. In today’s interconnected world, businesses face an unprecedented level of exposure. From web applications and cloud infrastructure to employee credentials and third-party SaaS integrations, your digital footprint offers numerous entry points for potential attackers.

CrowdStrike is proud to be named a Leader in The Forrester Wave: Attack Surface Management Solutions, Q3 2024. Our position as a Leader reinforces our belief that the rapid expansion of modern attack surfaces requires a powerful, unified solution — and CrowdStrike Falcon Exposure Management provides the critical capabilities modern organizations need.

CVE-2024-7594 is a severe unrestricted authentication issue affecting HashiCorp’s Vault’s SSH secrets engine. The National Institute of Standards and Technology (NIST) has not yet evaluated this vulnerability’s CVSS score but HashiCorp assigned it a base score of 7.5 (high). An outside security researcher, Jörn Heissler, discovered an issue with the valid_principals field in Vault’s SSH secrets engine.

When it comes to security, organizations often consider themselves well-covered. But in today’s landscape, where cybersecurity threats evolve at breakneck speed, even the most well-prepared teams cannot afford to have testing gaps. The reality is that if your primary strategy for removing security testing gaps is tightening scanning policies or expanding penetration test scope, you are trying to patch a dam with bubble gum. Is your attack surface covered?

CVE-2024-28987 is a critical (CVSS v3 score: 9.1) hardcoded credential vulnerability in the SolarWinds Web Help Desk (WHD) software. If exploited, this Java deserialization remote code execution (RCE) vulnerability allows attackers remote unauthenticated access to create, read, update and delete data on specific WHD endpoints.