Categories: US-Cert-Repository

Fortinet Releases Security Updates for Multiple Products


Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  

CISA encourages users and administrators to review the following advisories and apply necessary updates:  

  • FR-IR-23-390: FortiClientEMS – CSV injection in log download feature

  • FR-IR-23-328: FortiOS, FortiProxy – Out-of-bounds Write in captive portal 

  • FR-IR-24-013: FortiOS, FortiProxy – Authorization bypass in SSLVPN bookmarks

  • FR-IR-23-103: FortiWLM MEA for FortiManager – Improper access control in backup and restore features

  • FR-IR-24-007: Pervasive SQL injection in DAS component



Source link

admin

Leave a Comment
Share
Published by
admin
2 years ago

Recent Posts

Opportunistic Pro-Russia Hacktivists Attack US and Global Critical Infrastructure

CISA, in partnership with Federal Bureau of Investigation, the National Security Agency, Department of Energy,…

9 hours ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

1 day ago

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

2 days ago

CISA, Australia, and Partners Author Joint Guidance on Securely Integrating Artificial Intelligence in Operational Technology

CISA and the Australian Signals Directorate’s Australian Cyber Security Centre, in collaboration with federal and international…

3 days ago

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of ongoing intrusions by People’s Republic…

4 days ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

5 days ago

This website uses cookies.