CISA Activity - Fortinet Releases Security Advisories for FortiOS and FortiClientEMS

[CISA]

Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313) as well as an access control vulnerability in FortiClientEMS (CVE-2024-45581). A cyber threat actor could exploit these vulnerabilities to take control of an affected system. Note: According to Fortinet, CVE-2024-21762 is potentially being exploited in the wild.

CISA encourages users and administrators to review the following advisories and apply necessary updates:

• FG-IR-24-015 FortiOS
• FG-IR-24-029 FortiOS
• FG-IR-23-357 FortiClientEMS

Continue reading...