02-24-2025, 04:17 AM
|
Join Date: Oct 2021
Posts: 0
|
A critical vulnerability in FortiOS is being deliberately exploited (CVSS 9.8/10).
Vulnerability details:
CVE-2024-23113 (CVSS 9.8/10)
Impact:
Successful exploitation can lead to an unauthenticated remote access attacker to execute arbitrary code or commands via specially crafted requests.
Affected platforms:
FortioS [V 7.4, 7.2, 7.0], FortiPAM [V 1.2, 1.1, 1.0], FortiProxy [V 7.4, 7.2, 7.0], FortiSwitchManager [V 7.2, 7.0].
Fix:
FortiOS 7.4: upgrade to 7.4.3 or higher.
FortiOS 7.2: upgrade to 7.2.7 or higher
FortiOS 7.0: upgrade to 7.0.14 or higher
FortiPAM 1.2: upgrade to 1.2.1 or higher
FortiPAM 1.1: upgrade to 1.1.3 or higher
FortiPAM 1.0: migrate to a fixed version
FortiProxy 7.4: upgrade to 7.4.3 or higher
FortiProxy 7.2: upgrade to 7.2.9 or higher
FortiProxy 7.0: upgrade to 7.0.16 or higher
FortiSwitchManager 7.2: upgrade to 7.2.4 or higher
FortiSwitchManager 7.0: upgrade to 7.0.4 or higher
Remarks: FortiOS 6.x is not affected.
|
|
Threaded Mode