Categories: US-Cert-Repository

Fortinet Releases Security Updates for Multiple Products


Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the following advisories and apply necessary updates:  

  • FR-IR-23-390: FortiClientEMS – CSV injection in log download feature

  • FR-IR-23-328: FortiOS, FortiProxy – Out-of-bounds Write in captive portal 

  • FR-IR-24-013: FortiOS, FortiProxy – Authorization bypass in SSLVPN bookmarks

  • FR-IR-23-103: FortiWLM MEA for FortiManager – Improper access control in backup and restore features

  • FR-IR-24-007: Pervasive SQL injection in DAS component



Source link

admin

Leave a Comment
Share
Published by
admin
2 years ago

Recent Posts

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

17 hours ago

CISA and UK NCSC Release Joint Guidance for Securing OT Systems

CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security…

3 days ago

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on October 2, 2025. These advisories provide…

4 days ago

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

5 days ago

CISA Adds Five Known Exploited Vulnerabilities to Catalog

CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

6 days ago

CISA Releases Ten Industrial Control Systems Advisories

CISA released ten Industrial Control Systems (ICS) advisories on September 30, 2025. These advisories provide…

7 days ago

This website uses cookies.