<ul><li>U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added vulnerabilities in Ivanti CSA and Fortinet products to its Known Exploited Vulnerabilities catalog.</li><li>The vulnerabilities include a format string vulnerability in Fortinet products and SQL injection and OS command injection vulnerabilities in Ivanti CSA.</li><li>Fortinet has addressed the critical flaw in FortiOS, while Ivanti warns of active exploits for the vulnerabilities in its CSA.</li><li>CISA has ordered federal agencies to fix the identified vulnerabilities by October 30, 2024.</li></ul>

U.S. CISA adds Ivanti CSA and Fortinet bugs to its Known Exploited Vulnerabilities catalog

Discover more