CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks. […] Read More
BleepingComputer
Related Posts
The Ticketmaster Data Breach May Be Just the Beginning
The Ticketmaster Data Breach May Be Just the Beginning
Data breaches at Ticketmaster and financial services company Santander have been linked to attacks against cloud provider Snowflake. Researchers fear more breaches will soon be uncovered. Read More
Multiple Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code
Multiple Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code
[[{“value”:”
Multiple vulnerabilities have been discovered in FortiOS and FortiProxy that were related to administrator cookie leakage, arbitrary command execution and sensitive information exposure.
These vulnerabilities have been assigned with CVEs as CVE-2023-41677, CVE-2023-48784 and CVE-2024-23662.
The severity for these vulnerabilities range between 5 (Medium) to 7.5 (High).
However, these vulnerabilities have been patched accordingly by Fortinet and relevant security advisories have been published for addressing these vulnerabilities.
Vulnerability Analysis
CVE-2023-41677: Administrator Cookie Leakage In FortiOS And FortiProxy
This particular vulnerability allows a threat actor to obtain administrator cookies on specific conditions that are probably rare.
Under these conditions, the threat actors can trick the administrator into visiting a malicious attacker-controlled website through SSL-VPN and steal administrator cookies.
This vulnerability exists due to insufficient protection of credentials.
The severity for this vulnerability was given as 7.5 (High) and affects multiple FortiOS and FortiProxy versions.
Document
Stop Advanced Phishing Attack With AI
AI-Powered Protection for Business Email Security
Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .
CVE-2023-48784: Arbitrary Code Execution In FortiOS
This vulnerability exists due to the use of an externally controlled format string in FortiOS command line interface which allows a threat actor with local super-admin profile and CLI access to execute arbitrary code or commands by using specially crafted requests.
The severity for this vulnerability was given as 6.1 (Medium). Products affected by these vulnerabilities include multiple versions of FortiOS greater than 6.4.
CVE-2024-23662: Sensitive Information Exposure Vulnerability In FortiOS
An unauthorized and unauthenticated threat actor can exploit this vulnerability and gather sensitive information such as device versions of affected FortiOS versions by using HTTP requests.
The severity for this vulnerability was given as 5.0 (Medium).
Affected Products And Fixed In Versions
CVEVersionAffectedSolutionCVE-2023-41677FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.4FortiOS 6.2FortiOS 6.0FortiProxy 7.4FortiProxy 7.2FortiProxy 7.0FortiProxy 2.0FortiProxy 1.2FortiProxy 1.1FortiProxy 1.07.4.0 through 7.4.17.2.0 through 7.2.67.0.0 through 7.0.126.4.0 through 6.4.146.2.0 through 6.2.156.0 all versions7.4.0 through 7.4.17.2.0 through 7.2.77.0.0 through 7.0.132.0 all versions1.2 all versions1.1 all versions1.0 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.7 or aboveUpgrade to 7.0.13 or aboveUpgrade to 6.4.15 or aboveUpgrade to 6.2.16 or aboveMigrate to a fixed releaseUpgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveUpgrade to 7.0.14 or aboveMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed releaseCVE-2023-48784FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.47.4.0 through 7.4.17.2.0 through 7.2.77.0 all versions6.4 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveMigrate to a fixed releaseMigrate to a fixed releaseCVE-2024-23662FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.47.4.0 through 7.4.17.2.0 through 7.2.57.0 all versions6.4 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.6 or aboveMigrate to a fixed releaseMigrate to a fixed release
Users of these products are recommended to upgrade to the latest versions to prevent threat actors from exploiting these vulnerabilities.
Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.
The post Multiple Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code appeared first on Cyber Security News.
“}]] Read More
Cyber Security News
CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector
CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector
SecurityWeek interviews two CISOs from the insurance sector: Jason Rebholz at Corvus Insurance and Jason Ozin at UK-based PIB Group.
The post CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector appeared first on SecurityWeek.
SecurityWeek RSS Feed