InfoSecBulletin Cybersecurity for mankind
It is an out-of-bounds write vulnerability in FortiOS. This vulnerability enables unauthenticated attackers to execute remote code by using malicious requests.
Sleeping Beauty
Researchers Bypassed CrowdStrike Falcon Sensor partially
By infosecbulletin
/ Friday , March 7 2025
SEC Consult researchers found a major vulnerability in CrowdStrike's Falcon Sensor, enabling attackers to evade detection and run malicious applications....
Read More
CVE-2025-22224
41,500+ VMware ESXi Instances Vulnerable to Attacks
By infosecbulletin
/ Thursday , March 6 2025
As of March 4, 2025, Shadowserver found that over 41,500 internet-exposed VMware ESXi hypervisors are vulnerable to the actively exploited...
Read More
Register Now
AI Engineering Hackathon: Registration Open
By infosecbulletin
/ Wednesday , March 5 2025
On April 19, 2025 (Saturday), Brain Station 23 and Poridhi are jointly going to organize "AI ENGINEERING HACKATHON". The prize...
Read More
Cisco alerts about a Webex flaw that exposes credentials
By infosecbulletin
/ Wednesday , March 5 2025
Cisco has alerted customers about a vulnerability in Webex for BroadWorks that could allow unauthorized attackers to access credentials remotely....
Read More
NVIDIA Issues Warning of Multiple Vulnerabilities
By infosecbulletin
/ Wednesday , March 5 2025
NVIDIA has released urgent security advisories for multiple vulnerabilities in its Hopper HGX 8-GPU High-Performance Computing platforms. A critical flaw...
Read More
Update Now
Chrome 134 Released, Fixes 14 Vulnerabilities
By infosecbulletin
/ Wednesday , March 5 2025
Google has released Chrome 134 for the stable channel on Windows, macOS, and Linux, effectively addressing 14 security vulnerabilities. Among...
Read More
Broadcom Patches 3 VMware Zero-Days Exploited In Attacks
By infosecbulletin
/ Tuesday , March 4 2025
Broadcom issued a security alert on Tuesday, warning VMware customers about 3 exploited zero-day vulnerabilities. Vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226...
Read More
Singapore issues new guidelines for data center and cloud services
By infosecbulletin
/ Tuesday , March 4 2025
The Infocomm Media Development Authority (IMDA of Singapore unveils advisory guidelines to reduce occurrences of disruptions to cloud services and...
Read More
Update Alert!
Google Warns of Critical Android Vulns Under Attack
By infosecbulletin
/ Tuesday , March 4 2025
Google’s March 2025 Android Security Bulletin has unveiled two critical vulnerabilities—CVE-2024-43093 and CVE-2024-50302—currently under limited, targeted exploitation. These flaws affect...
Read More
CISA adds Cisco and Windows vulns as actively exploited
By infosecbulletin
/ Tuesday , March 4 2025
CISA has advised US federal agencies to secure their systems against attacks targeting vulnerabilities in Cisco and Windows. Although these...
Read More
Upgrade to the latest version indicated in the following table to fix the bug, as recommended by Fortinet:
To protect against the vulnerability, disable SSL VPN on your FortiOS devices.
This flaw was disclosed today along with CVE-2024-23113 (Critical/9.8 rating), CVE-2023-44487 (Medium), and CVE-2023-47537 (Medium). However, these flaws are not marked as being exploited in the wild.
