A new ‘File Archivers in the Browser’ phishing kit abuses ZIP domains by displaying fake WinRAR or Windows File Explorer windows in the browser to convince users to launch malicious files. […]
Related Posts
FortiOS Vulnerability Let Attackers to Execute Unauthorized Commands
FortiOS Vulnerability Let Attackers to Execute Unauthorized Commands
Fortinet has disclosed multiple stack-based buffer overflow vulnerabilities (CVE-2024-23110) in FortiOS’s command line interpreter.
These vulnerabilities could allow authenticated attackers to execute unauthorized code or commands. Gwendal Guégniaud of the Fortinet Product Security team discovered and reported these vulnerabilities.
Affected Versions and Solutions
The vulnerabilities affect several versions of FortiOS. Fortinet has provided the following guidance for affected users:
FortiOS 7.4: Versions 7.4.0 through 7.4.2 are affected. Users should upgrade to version 7.4.3 or above.
FortiOS 7.2: Versions 7.2.0 through 7.2.6 are affected. Users should upgrade to version 7.2.7 or above.
FortiOS 7.0: Versions 7.0.0 through 7.0.13 are affected. Users should upgrade to version 7.0.14 or above.
FortiOS 6.4: Versions 6.4.0 through 6.4.14 are affected. Users should upgrade to version 6.4.15 or above.
FortiOS 6.2: Versions 6.2.0 through 6.2.15 are affected. Users should upgrade to version 6.2.16 or above.
FortiOS 6.0: All versions are affected. Users should migrate to a fixed release.
Fortinet recommends using its upgrade path tool to ensure a smooth transition to the fixed versions. The tool can be accessed at Fortinet’s Upgrade Path Tool.
The vulnerabilities are due to improper handling of command-line arguments in the FortiOS command-line interpreter.
Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot.
An attacker with authenticated access could exploit these vulnerabilities by sending specially crafted command-line arguments, which could lead to the execution of unauthorized code or commands.
Mitigation and Recommendations
Fortinet advises all users of affected FortiOS versions to upgrade to the recommended versions as soon as possible to mitigate the risk of exploitation.
Users should also follow best practices for network security, including limiting access to the command line interface to trusted users and monitoring for unusual activity.
Using the Upgrade Path Tool
Access the Upgrade Path Tool: Visit Fortinet’s Upgrade Path Tool.
Select Product and Versions: Choose your current FortiGate product, current FortiOS version, and the target FortiOS version.
Follow Recommended Path: The tool will provide a recommended upgrade path. Download all intermediate firmware versions if necessary.
Verify Your FortiOS Version
Log into your FortiGate device to check the current FortiOS version.
Using the GUI:
Log into the FortiGate web interface.
Go to Dashboard > System Information.
Check the Firmware Version field to see the current version of FortiOS.
Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free
The post FortiOS Vulnerability Let Attackers to Execute Unauthorized Commands appeared first on Cyber Security News.
Suspected Chinese threat actor exploits Ivanti Connect Secure and Policy Secure zero-days.
Suspected Chinese threat actor exploits Ivanti Connect Secure and Policy Secure zero-days.
Suspected Chinese threat actor exploits Connect Secure and Policy Secure zero-days. Cryptocurrency drainer-as-a-service described. Cisco patches critical flaw in Unity Connection. CISA adds SharePoint Server flaw to its Known Exploited Vulnerabilities catalog. Read More
The CyberWire
Apple Urgently Patches Zero-day Flaw Exploited in the Wild
Apple Urgently Patches Zero-day Flaw Exploited in the Wild
Apple has released an emergency security update for patching two actively exploited zero-day vulnerabilities on iOS. The vulnerabilities were discovered earlier this month and are tracked as CVE-2023-42916, and CVE-2023-42917 affected many Apple products.
The security advisory from Apple has patched several vulnerabilities. Two of the most common vulnerabilities patched on this emergency update were CVE-2023-42890 and CVE-2023-42883.
All of these vulnerabilities existed in the WebKit browser engine of several Apple products such as macOS, iOS, and iPadOS.
CVE-2023-42916: Out of Bounds Read Vulnerability
This vulnerability exists in WebKit of iOS, iPadOS, macOS, and Safari, allowing a threat actor to perform an out-of-bounds read that could disclose sensitive information when processing web content. This vulnerability has been given a severity of 6.5 (Medium).
Apple has patched this vulnerability and implemented a proper input validation to prevent it.
Products affected by this vulnerability include iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
CVE-2023-42917: Memory Corruption Vulnerability
This vulnerability exists in the WebKit of iOS, iPadOS, macOS, and Safari, allowing an attacker to execute arbitrary code when processing web content.
The severity for this vulnerability has been given as 8.8 (High). Apple stated that they have patched this vulnerability by improving the locking.
Products affected by this vulnerability include iPhone 8 and later, iPad Pro (all models), iPad Air 3rd generation and later, iPad 5th generation and later, and iPad mini 5th generation and later.
Both of these vulnerabilities have been added to the CISA’s Known Exploited Vulnerability catalog to provide awareness to all the users of these products.
Apple urges its users to update their Apple products to the latest version to patch these vulnerabilities and prevent them from becoming victims of cybercriminals.
The post Apple Urgently Patches Zero-day Flaw Exploited in the Wild appeared first on Cyber Security News.
Cyber Security News