Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following advisories and apply necessary updates:
FR-IR-23-390: FortiClientEMS – CSV injection in log download feature
FR-IR-23-328: FortiOS, FortiProxy – Out-of-bounds Write in captive portal
FR-IR-24-013: FortiOS, FortiProxy – Authorization bypass in SSLVPN bookmarks
FR-IR-23-103: FortiWLM MEA for FortiManager – Improper access control in backup and restore features
FR-IR-24-007: Pervasive SQL injection in DAS component
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of…
Today, CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international…
This website uses cookies.