Fortinet Releases Security Updates for Multiple Products

12 March 2024

Title: Fortinet Releases Security Updates for Multiple Products

Published: Tue, 12 Mar 24 12:00:00 +0000

Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the following advisories and apply necessary updates: 

FR-IR-23-390: FortiClientEMS – CSV injection in log download feature
FR-IR-23-328: FortiOS, FortiProxy – Out-of-bounds Write in captive portal
FR-IR-24-013: FortiOS, FortiProxy – Authorization bypass in SSLVPN bookmarks
FR-IR-23-103: FortiWLM MEA for FortiManager – Improper access control in backup and restore features
FR-IR-24-007: Pervasive SQL injection in DAS component

Source: US-CERT.CISA.GOV

Date:

12 March 2024

Categorie(s):

US-CERT

Tag(s):

US-CERT

20 Best Linux Password Managers in 202428 April 2024
Reliable Web App Pattern: Now Optimizes Azure Migration with Enhanced Infrastructure and Security28 April 2024
Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks28 April 2024
Good Security Is About Iteration, Not Perfection.28 April 2024
Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 202428 April 2024