Fortinet has issued security updates for several products, including FortiOS, to fix vulnerabilities that could allow cyber attackers to take control of affected systems.
CISA encourages users and administrators to review the following advisories and apply necessary updates.
Cybersecurity researcher Jeremiah Fowler discovered an unsecured database with 170,360 records belonging to a real estate company. It contained personal...
GreyNoise found attempts to exploit CVE-2023-28771, a vulnerability in Zyxel's IKE affecting UDP port 500. The attack centers around CVE-2023-28771,...
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently included two high-risk vulnerabilities in its Known Exploited Vulnerabilities (KEV)...
FG-IR-23-396 ReadOnly Users Could Run Some Sensitive Operations:
A client-side enforcement of server-side security vulnerability [CWE-602] in FortiAnalyzer may allow an authenticated attacker with at least read-only permission to execute sensitive operations via crafted requests.
Source: fortiguard.com
FG-IR-23-475 FortiOS – SSLVPN Session Hijacking Using SAML Authentication:
A session fixation vulnerability [CWE-384] in FortiOS may allow an unauthenticated attacker to hijack user session via a phishing SAML authentication link.
Source: Fortiguard.com
FG-IR-24-144 Privilege Escalation via Lua Auto Patch Function:
A privilege context switching error vulnerability [CWE-270] in FortiClient Windows may allow an authenticated user to escalate their privileges via lua auto patch scripts.
Source: fortiguard.com
FG-IR-24-199 Named Pipes Improper Access Control:
An authentication bypass using an alternate path or channel vulnerability (CWE-288) in FortiClient (Windows) may allow a low privilege attacker to execute arbitrary code with high privilege via spoofed named pipe messages.