CISA Activity - Fortinet Releases Security Updates for Multiple Products

Thread starter CISA
Start date Mar 12, 2024

Welcome to ITBible, we're your #1 resource for enterprise or homelab IT problems (or just a place to show off your stuff).

CISA

Guest

Mar 12, 2024

Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the following advisories and apply necessary updates: 

[FR-IR-23-390: FortiClientEMS - CSV injection in log download feature]
[FR-IR-23-328: FortiOS, FortiProxy - Out-of-bounds Write in captive portal]
[FR-IR-24-013: FortiOS, FortiProxy - Authorization bypass in SSLVPN bookmarks]
[FR-IR-23-103: FortiWLM MEA for FortiManager - Improper access control in backup and restore features]
[FR-IR-24-007: Pervasive SQL injection in DAS component]

You must log in or register to reply here.

Facebook X (Twitter) Reddit Pinterest Tumblr WhatsApp Email Link

Top Bottom

Back