Fortinet released a security update for FortiOS and FortiProxy software to fix a vulnerability. This vulnerability could allow a cyber threat actor to take control of a system.
CISA recommends that users and administrators review security bulletin FG-IR-23-315 for FortiOS & FortiProxy and install updates as needed.
Fortiguard PSIRT posted an improper privilege management vulnerability [CWE-269] in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS requests.
Affected products:
Click here for the detail.