On January 14, 2025, Fortinet disclosed a new critical (CVSS 9.6) authentication bypass vulnerability affecting FortiOS and FortiProxy. This vulnerability, CVE-2024-55591, allows unauthenticated remote attackers to target the Node.js WebSocket module of the administrative interface and potentially gain super-admin privileges.

On Wednesday, January 8th, Ivanti disclosed two severe vulnerabilities affecting Ivanti Connect Secure VPN devices. Ivanti Connect Secure is an external-facing SSL VPN used to secure remote access to corporate networks. Ivanti Policy Secure is an internal network-access control solution designed for regulating access within an enterprise’s network. The critical vulnerability (CVSS 9.0) CVE-2025-0282 allows unauthenticated remote code execution (RCE) through a stack-based buffer overflow.

We’ve asked Outpost24’s CISO, Martin Jartelius, what 2025 is likely to hold for organizations using attack surface management (ASM) tools. Here’s what Martin had to say about what he predicts for ASM in 2025, as well as some thought on how the CISOs role might change.

CVE-2024-49113, also known as LDAPNightmare, is a high severity (CVSS score of 7.5) unauthenticated Denial of Service (DoS) vulnerability in Windows Lightweight Directory Access Protocol (LDAP). This vulnerability allows attackers to crash any unpatched Windows server with an internet-accessible DNS server by overwhelming a critical internal component of the operating system. Both CVE-2024-49113 and its relative, the critical RCE vulnerability CVE-2024-49112, were publicized in December 2024.

Traditionally, approaches to Attack Surface Management (ASM) went something like this: A business scanned its own IT estate to discover assets and understand what its attack surface actually included. We can think of this as Phase I. Following the completion of an asset inventory, they assessed each of their assets to identify risks and vulnerabilities, such as open ports, certificate issues, DNS misconfigurations, and more.

External attack surface management (EASM) is the continuous exercise of managing cybersecurity risks associated with an organization’s external-facing digital assets. The process includes monitoring, identifying, reducing, and mitigating risks present across an organization’s external attack surface.

CVE-2024-3393 is a high severity (CVSS v4.0 score 8.7) Denial of Service (DoS) vulnerability affecting specific versions of Palo Alto Networks PAN-OS DNS Security feature. This vulnerability allows unauthenticated attackers to send malicious packets through the data plane of the firewall. This forces the firewall to reboot. Repeated attempts can force the firewall into maintenance mode, requiring security teams to manually reset the firewall and significantly disrupting operations.

In Continuous Threat Exposure Management (CTEM), risk assessment acts as the central thread that ties all components together, turning raw threat intelligence, vulnerability detection, and external attack surface monitoring into actionable mitigation strategies.

The External Attack Surface Management (EASM) domain is rapidly growing in importance for businesses across the globe. Organizations must strive to understand the true scope of their attack surface as seen through the eyes of a potential hacker. This is a foundational step in any risk program that CISOs are implementing.

In today’s rapidly evolving threat landscape, traditional reactive security approaches are no longer sufficient. This reality led Gartner to introduce Continuous Threat Exposure Management (CTEM) to shift organizations’ mindset from reactive firefighting to proactive threat management through five critical phases: This structured approach revolutionizes how organizations secure their cloud environments. But to succeed, CTEM demands specialized tools designed for modern cloud complexities.