Exploit released for maximum severity Fortinet RCE bug, patch now

Security researchers have released a proof-of-concept exploit for a maximum-severity vulnerability in Fortinet's security information and event management solution, which was patched in February.
Tracked as CVE-2024-23108, this security flaw is a command injection vulnerability discovered and reported by Horizon3 vulnerability expert Zach Hanley that enables remote command execution as root without requiring authentication.
CVE-2024-23108 impacts FortiClient FortiSIEM versions 6.4.0 and higher and was patched by the company on February 8, together with a second RCE vulnerability with a 10/10 severity score.
The company eventually confirmed they were both CVE-2023-34992 variants with the same description as the original vulnerability.
On Tuesday, over three months after Fortinet released security updates to patch this security flaw, Horizon3's Attack Team shared a proof-of-concept exploit and published a technical deep-dive.
The PoC exploit released today by Horizon3 helps execute commands as root on any Internet-exposed and unpatched FortiSIEM appliances.
Horizon3's Attack Team also released a PoC exploit for a critical flaw in Fortinet's FortiClient Enterprise Management Server software, which is now actively exploited in attacks.
Fortinet vulnerabilities are frequently exploited-often as zero-days-in ransomware and cyber espionage attacks targeting corporate and government networks.
The company revealed in February that Chinese Volt Typhoon hackers used two FortiOS SSL VPN flaws to deploy the Coathanger remote access trojan, a malware strain that was also recently used to backdoor a military network of the Dutch Ministry of Defence.
QNAP QTS zero-day in Share feature gets public RCE exploit.
Maximum severity Flowmon bug has a public exploit, patch now.
Critical Fluent Bit flaw impacts all major cloud providers.
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers.
Widely used modems in industrial IoT devices open to SMS attack.

This Cyber News was published on www.bleepingcomputer.com. Publication date: Tue, 28 May 2024 16:20:08 +0000

Cyber News related to Exploit released for maximum severity Fortinet RCE bug, patch now

CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
5 years ago

CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
5 years ago

Exploit released for maximum severity Fortinet RCE bug, patch now - Security researchers have released a proof-of-concept exploit for a maximum-severity vulnerability in Fortinet's security information and event management solution, which was patched in February. Tracked as CVE-2024-23108, this security flaw is a ...
5 months ago Bleepingcomputer.com

A look at Fortinet's week to forget The Register - Security researchers have urged users to patch vulnerable VPNs as soon as possible since the vulnerability is understood to be easily exploitable. The only workaround recommended by Fortinet is to disable the SSL VPN. Disabling webmode won't mitigate ...
9 months ago Go.theregister.com

Exploit for critical Progress Telerik auth bypass released, patch now - Researchers have published a proof-of-concept exploit script demonstrating a chained remote code execution vulnerability on Progress Telerik Report Servers. The Telerik Report Server is an API-powered end-to-end encrypted report management solution ...
4 months ago Bleepingcomputer.com

Fortinet Warns of Yet Another Critical RCE Flaw - Fortinet has patched a critical remote code execution vulnerability in its FortiClient Enterprise Management Server for managing endpoint devices. The flaw, identified as CVE-2024-48788, stems from an SQL injection error in a direct-attached storage ...
8 months ago Darkreading.com

Fortinet warns of critical RCE bug in endpoint management software - Fortinet patched a critical vulnerability in its FortiClient Enterprise Management Server software that can allow attackers to gain remote code execution on vulnerable servers. FortiClient EMS enables admins to manage endpoints connected to an ...
8 months ago Bleepingcomputer.com

New Fortinet RCE bug is actively exploited, CISA confirms - CISA confirmed today that attackers are actively exploiting a critical remote code execution bug patched by Fortinet on Thursday. The flaw is due to an out-of-bounds write weakness in the FortiOS operating system that can let unauthenticated ...
9 months ago Bleepingcomputer.com

133k+ Fortinet appliances still vulnerable to CVE-2024-21762 The Register - The volume of Fortinet boxes exposed to the public internet and vulnerable to a month-old critical security flaw in FortiOS is still extremely high, despite a gradual increase in patching. According to security nonprofit Shadowserver's latest data, ...
8 months ago Go.theregister.com

CISA warns Fortinet zero-day vulnerability under attack - CISA urged users to address two critical Fortinet vulnerabilities in products that are commonly targeted by the Chinese nation-state threat group Volt Typhoon, and one flaw is already being exploited in the wild. Fortinet published two separate ...
9 months ago Techtarget.com

Experts released PoC exploit code for RCE in Fortinet SIEM - Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw. Crowdfense is offering a larger 30M USD exploit acquisition program. Threat actors actively exploit JetBrains TeamCity flaws to deliver malware. PoC ...
5 months ago Securityaffairs.com

Exploit for critical Fortra FileCatalyst Workflow SQLi flaw released - The Fortra FileCatalyst Workflow is vulnerable to an SQL injection vulnerability that could allow remote unauthenticated attackers to create rogue admin users and manipulate data on the application database. FileCatalyst Workflow is a web-based file ...
4 months ago Bleepingcomputer.com

Exploitation activity increasing on Fortinet vulnerability - Exploitation activity appears to be ramping up against a critical Fortinet vulnerability that was disclosed and patched last month. In a security advisory on Feb. 8, Fortinet detailed a zero-day vulnerability in FortiOS, tracked as CVE-2024-21762 or ...
8 months ago Techtarget.com

Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure - Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution. Fortinet added the two new vulnerabilities tracked as CVE-2024-23108 and CVE-2024-23109 to the original ...
9 months ago Bleepingcomputer.com

Fortinet enhances its OT security solutions and services - Fortinet announced the latest release of new, integrated operational technology security solutions and services. These additions further distance Fortinet's industry-leading OT Security Platform from the rest of the market. The number of industrial ...
11 months ago Helpnetsecurity.com

Fortinet warns of critical command injection bug in FortiSIEM - Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests. FortiSIEM is a ...
11 months ago Bleepingcomputer.com

Getting a Remote Desktop Freeze? Microsoft Fixes Windows 11 Issue - Microsoft has released a patch to fix the Remote Desktop freeze bug in Windows 11. This bug caused computers to freeze after some users tried to connect using the Remote Desktop protocol. Microsoft's technical support team has been working on the ...
1 year ago Bleepingcomputer.com

Exploit released for Palo Alto PAN-OS bug used in attacks, patch now - Exploit code is now available for a maximum severity and actively exploited vulnerability in Palo Alto Networks' PAN-OS firewall software. Tracked as CVE-2024-3400, this security flaw can let unauthenticated threat actors execute arbitrary code as ...
7 months ago Bleepingcomputer.com

How Patch Management Software Solves the Update Problem - I've never met an IT leader who doesn't know how important patch management is. At Heimdal, we believe patch management software provides the solution to this problem. Patch management software is a technology that allows businesses to automate the ...
4 months ago Heimdalsecurity.com

Fortinet Adds Generative AI Tool to Security Operations Portfolio - Fortinet today added a generative artificial intelligence tool to its portfolio to eliminate a range of manual tasks that security operations teams would otherwise need to perform. John Maddison, chief marketing officer for Fortinet, said Fortinet ...
11 months ago Securityboulevard.com

Microsoft March 2024 Patch Tuesday fixes 60 flaws, 18 RCE bugs - Today is Microsoft's March 2024 Patch Tuesday, and security updates have been released for 60 vulnerabilities, including eighteen remote code execution flaws. This Patch Tuesday fixes only two critical vulnerabilities: Hyper-V remote code execution ...
8 months ago Bleepingcomputer.com

RCE exploit for Wyze Cam v3 publicly released, patch now - A security researcher has published a proof-of-concept exploit for Wyze Cam v3 devices that opens a reverse shell and allows the takeover of vulnerable devices. Wyze Cam v3 is a top-selling, inexpensive indoor/outdoor security camera with support for ...
11 months ago Bleepingcomputer.com

Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
8 months ago Cisa.gov

Microsoft Gives Admins a Reprieve With Lighter-Than-Usual Patch Update - In what's sure to be a refreshing break for IT and security teams, Microsoft's monthly security update for December 2023 contained fewer vulnerabilities for them to address than in recent months. The update included fixes for a total of 36 ...
11 months ago Darkreading.com

Fortinet unveils networking solution integrated with Wi-Fi 7 - Fortinet announced a comprehensive secure networking solution integrated with Wi-Fi 7. Fortinet's first Wi-Fi 7 access point, FortiAP 441K, delivers increased speed and capacity, and the new FortiSwitch T1024 is purpose-built with 10 Gigabit Ethernet ...
10 months ago Helpnetsecurity.com

Latest Cyber News

CVE-2024-11586 - 8 hours ago
CVE-2024-50054 - 11 hours ago
CVE-2024-47138 - 11 hours ago
CVE-2024-52034 - 11 hours ago
CVE-2024-47407 - 11 hours ago
CVE-2024-0138 - 12 hours ago
CVE-2024-9113 - 12 hours ago
CVE-2024-9112 - 12 hours ago
CVE-2024-7565 - 12 hours ago
CVE-2024-7511 - 12 hours ago
CVE-2024-7510 - 12 hours ago
CVE-2024-7352 - 12 hours ago
CVE-2024-7253 - 12 hours ago
CVE-2024-7245 - 12 hours ago
CVE-2024-6871 - 12 hours ago
CVE-2024-11394 - 12 hours ago
CVE-2024-11393 - 12 hours ago
CVE-2024-11392 - 12 hours ago
CVE-2024-6822 - 12 hours ago
CVE-2024-6821 - 12 hours ago

Cyber Trends (last 7 days)

Okta - 11 months ago
23andMe - 11 months ago
Kimsuky - 11 months ago
LogoFAIL - 11 months ago
Gh0st rat - 11 months ago

Trending Cyber News (last 7 days)

CVE-2024-52440 - 2 days ago
CVE-2024-52441 - 2 days ago
CVE-2024-52447 - 2 days ago
CVE-2024-11484 - 2 days ago
CVE-2024-11489 - 2 days ago
CVE-2018-9471 - 2 days ago
CVE-2018-9479 - 2 days ago
CVE-2018-9480 - 2 days ago
CVE-2018-9482 - 2 days ago
CVE-2018-9486 - 2 days ago
CVE-2024-33439 - 2 days ago
CVE-2024-48534 - 2 days ago
CVE-2024-48982 - 2 days ago
CVE-2024-49203 - 2 days ago
CVE-2024-52677 - 2 days ago
CVE-2024-52701 - 2 days ago
CVE-2024-9875 - 2 days ago
CVE-2024-11233 - 2 days ago
CVE-2024-11234 - 2 days ago
CVE-2024-11236 - 2 days ago