Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following advisories and apply necessary updates:
FR-IR-23-390: FortiClientEMS – CSV injection in log download feature
FR-IR-23-328: FortiOS, FortiProxy – Out-of-bounds Write in captive portal
FR-IR-24-013: FortiOS, FortiProxy – Authorization bypass in SSLVPN bookmarks
FR-IR-23-103: FortiWLM MEA for FortiManager – Improper access control in backup and restore features
FR-IR-24-007: Pervasive SQL injection in DAS component
Systems Affected Any system running Microsoft Windows (Windows 95 and newer) that are used…
Systems Affected Microsoft Windows systems running Internet Explorer 5.01 Internet Explorer 5.50 Internet Explorer…
Systems Affected Check Point Firewall-1 NG FCS Check Point Firewall-1 NG FP1 Check Point…
Systems Affected Systems running Microsoft Windows Overview Microsoft Windows contains multiple vulnerabilities,…
Systems Affected Systems running Microsoft Office XP and Outlook 2002 Overview There…
Systems Affected Applications and systems that use the OpenSSL SSL/TLS library Overview …
This website uses cookies.