This update package improves the detection capabilities of the Forcepoint LLM system.
| RELEASE DATE: | Thursday April 17, 2025 |
| MD5 CHECKSUM: | 28dcaf0ba192161a2f308c62aa5297e7 |
| SHA1 CHECKSUM: | aeb0f7070b437eb15abbf8634edf8375bf50e964 |
| SHA256 CHECKSUM: | 139e6ec36e3ee2862180f6c59882c87c06b371d0970cd7a501359f7abf044fa3 |
UPDATE CRITICALITY: HIGH
List of detected attacks in this update package:
| Risk level | Description | Reference | Vulnerability |
|---|---|---|---|
| High | An attempt to exploit a vulnerability in Fortinet FortiOS | CVE-2024-45324 | Fortinet-Multiple-Products-Certificate-Import-Format-String-CVE-2024-45324 |
| High | An attempt to exploit a vulnerability in IBM Tivoli Storage Manager FastBack detected | CVE-2015-8523 | IBM-Tivoli-Storage-Manager-Fastback-Denial-Of-Service |
Jump to: Detected Attacks Other Changes
DETECTED ATTACKS
New detected attacks:
TCP Client Stream Unknown
| Risk | Vulnerability/Situation | References | Related Fingerprint | Situation Type |
|---|---|---|---|---|
| High | IBM-Tivoli-Storage-Manager-Fastback-Denial-Of-Service | CVE-2015-8523 | Generic_CS-IBM-Tivoli-Storage-Manager-Fastback-Denial-Of-Service-CVE-2015-8523 | Potential Compromise |
HTTP Normalized Request-Line
| Risk | Vulnerability/Situation | References | Related Fingerprint | Situation Type |
|---|---|---|---|---|
| High | Fortinet-Multiple-Products-Certificate-Import-Format-String-CVE-2024-45324 | CVE-2024-45324 | HTTP_CRL-Fortinet-Multiple-Products-Certificate-Import-Format-String-CVE-2024-45324 | Suspected Compromise |
Updated detected attacks:
SSH TCP Client Stream
| Risk | Vulnerability/Situation | References | Related Fingerprint | Situation Type | Change Description | |
|---|---|---|---|---|---|---|
| High | OpenSSH-Kex_Input_Kexinit-Denial-Of-Service | CVE-2016-8858 | SSH_OpenSSH-Kex_Input_Kexinit-Denial-Of-Service | Suspected Compromise |
|
HTTP Normalized Request-Line
| Risk | Vulnerability/Situation | References | Related Fingerprint | Situation Type | Change Description | |
|---|---|---|---|---|---|---|
| High | Langflow-AI-RCE-CVE-2025-3248 | CVE-2025-3248 | HTTP_CRL-Langflow-AI-RCE-CVE-2025-3248 | Suspected Compromise |
|
LIST OF OTHER CHANGES:
New objects:
| Type | Name |
|---|---|
| Category | Fortinet FortiOS |
Updated objects:
| Type | Name | Changes |
|---|---|---|
| IPList | Rwanda | |
| IPList | Saudi Arabia | |
| IPList | Iran | |
| IPList | Cyprus | |
| IPList | Kenya | |
| IPList | DR Congo | |
| IPList | Seychelles | |
| IPList | Jordan | |
| IPList | Bahrain | |
| IPList | United Arab Emirates | |
| IPList | Israel | |
| IPList | Türkiye | |
| IPList | Egypt | |
| IPList | Greece | |
| IPList | Burundi | |
| IPList | Estonia | |
| IPList | Latvia | |
| IPList | Azerbaijan | |
| IPList | Lithuania | |
| IPList | Svalbard and Jan Mayen | |
| IPList | Georgia | |
| IPList | Moldova | |
| IPList | Finland | |
| IPList | Åland Islands | |
| IPList | Ukraine | |
| IPList | North Macedonia | |
| IPList | Hungary | |
| IPList | Bulgaria | |
| IPList | Albania | |
| IPList | Poland | |
| IPList | Romania | |
| IPList | Zimbabwe | |
| IPList | Zambia | |
| IPList | Malawi | |
| IPList | Botswana | |
| IPList | Mauritius | |
| IPList | Eswatini | |
| IPList | Réunion | |
| IPList | South Africa | |
| IPList | Mayotte | |
| IPList | Mozambique | |
| IPList | Madagascar | |
| IPList | Afghanistan | |
| IPList | Pakistan | |
| IPList | Bangladesh | |
| IPList | Turkmenistan | |
| IPList | Tajikistan | |
| IPList | Sri Lanka | |
| IPList | Bhutan | |
| IPList | India | |
| IPList | Nepal | |
| IPList | Myanmar | |
| IPList | Uzbekistan | |
| IPList | Kazakhstan | |
| IPList | Kyrgyzstan | |
| IPList | French Southern Territories | |
| IPList | Vietnam | |
| IPList | Thailand | |
| IPList | Indonesia | |
| IPList | Taiwan | |
| IPList | Philippines | |
| IPList | Malaysia | |
| IPList | China | |
| IPList | Hong Kong | |
| IPList | Brunei | |
| IPList | Macao | |
| IPList | Cambodia | |
| IPList | South Korea | |
| IPList | Japan | |
| IPList | North Korea | |
| IPList | Singapore | |
| IPList | Russia | |
| IPList | Australia | |
| IPList | Christmas Island | |
| IPList | Federated States of Micronesia | |
| IPList | Papua New Guinea | |
| IPList | New Zealand | |
| IPList | Libya | |
| IPList | Cameroon | |
| IPList | Portugal | |
| IPList | Ghana | |
| IPList | Nigeria | |
| IPList | Sierra Leone | |
| IPList | Gibraltar | |
| IPList | Mali | |
| IPList | Western Sahara | |
| IPList | Spain | |
| IPList | Morocco | |
| IPList | Malta | |
| IPList | Denmark | |
| IPList | Iceland | |
| IPList | United Kingdom | |
| IPList | Switzerland | |
| IPList | Sweden | |
| IPList | The Netherlands | |
| IPList | Austria | |
| IPList | Belgium | |
| IPList | Germany | |
| IPList | Luxembourg | |
| IPList | Ireland | |
| IPList | France | |
| IPList | Liechtenstein | |
| IPList | Czechia | |
| IPList | Norway | |
| IPList | Vatican City | |
| IPList | Italy | |
| IPList | Croatia | |
| IPList | Saint Pierre and Miquelon | |
| IPList | Brazil | |
| IPList | Dominican Republic | |
| IPList | Bermuda | |
| IPList | Trinidad and Tobago | |
| IPList | Aruba | |
| IPList | Guatemala | |
| IPList | Honduras | |
| IPList | Venezuela | |
| IPList | Ecuador | |
| IPList | Colombia | |
| IPList | Panama | |
| IPList | Argentina | |
| IPList | Chile | |
| IPList | Bolivia | |
| IPList | Peru | |
| IPList | Mexico | |
| IPList | Puerto Rico | |
| IPList | U.S. Outlying Islands | |
| IPList | American Samoa | |
| IPList | Canada | |
| IPList | United States | |
| IPList | Serbia | |
| IPList | Antarctica | |
| IPList | South Sudan | |
| IPList | TOR exit nodes IP Address List | |
| IPList | Amazon AMAZON | |
| IPList | Amazon EC2 | |
| IPList | TOR relay nodes IP Address List | |
| IPList | Amazon AMAZON ap-south-2 | |
| IPList | Amazon EC2 ap-south-2 | |
| IPList | Amazon AMAZON ap-northeast-1 | |
| IPList | Amazon AMAZON me-central-1 | |
| IPList | Amazon EC2 ap-northeast-1 | |
| IPList | Amazon AMAZON eu-south-2 | |
| IPList | Amazon EC2 eu-south-2 | |
| IPList | Amazon AMAZON il-central-1 | |
| IPList | Amazon AMAZON ap-northeast-2 | |
| IPList | Amazon EC2 ap-northeast-2 | |
| IPList | Botnet IP Address List | |
| IPList | Malicious Site IP Address List | |
| IPList | Amazon AMAZON ap-southeast-1 | |
| IPList | Amazon EC2 ap-southeast-1 | |
| IPList | NordVPN Servers IP Address List | |
| IPList | Amazon AMAZON ap-southeast-2 | |
| IPList | Zoho Meeting Servers | |
| IPList | Amazon EC2 ap-southeast-2 | |
| IPList | Amazon AMAZON ca-central-1 | |
| IPList | Amazon AMAZON eu-central-1 | |
| IPList | Amazon EC2 eu-central-1 | |
| IPList | Amazon AMAZON eu-west-1 | |
| IPList | Amazon EC2 eu-west-1 | |
| IPList | Amazon AMAZON eu-west-2 | |
| IPList | Amazon EC2 eu-west-2 | |
| IPList | Amazon AMAZON sa-east-1 | |
| IPList | Amazon EC2 sa-east-1 | |
| IPList | Amazon AMAZON us-east-1 | |
| IPList | Amazon EC2 us-east-1 | |
| IPList | Forcepoint Drop IP Address List | |
| IPList | Amazon AMAZON us-gov-west-1 | |
| IPList | Amazon AMAZON us-west-1 | |
| IPList | Amazon EC2 us-west-1 | |
| IPList | Amazon AMAZON us-west-2 | |
| IPList | Amazon EC2 us-west-2 | |
| IPList | Amazon AMAZON ap-east-2 | |
| IPList | Oracle Services Network eu-paris-1 | |
| IPList | Oracle Services Network sa-santiago-1 | |
| IPList | Oracle Cloud Infrastructure sa-santiago-1 | |
| Application | TOR | |
| Application | NordVPN | |
| Application | Zoho-Meeting-App |
DISCLAIMER AND COPYRIGHT
Copyright © 2025 Forcepoint
Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.
All other trademarks used in this document are the property of their respective owners.
Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without notice.
Forcepoint and the FORCEPOINT logo are trademarks of Forcepoint.
All other trademarks used in this document are the property of their respective owners.
Every effort has been made to ensure the accuracy of this document. However, Forcepoint makes no warranties with respect to this documentation and disclaims any implied warranties of merchantability and fitness for a particular purpose. Forcepoint shall not be liable for any error or for incidental or consequential damages in connection with the furnishing, performance, or use of this manual or the examples herein. The information in this documentation is subject to change without notice.