CISA Activity - Fortinet Releases Security Updates for Multiple Products

system · April 9, 2024, 5:22pm

Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply necessary updates:

[ul]
[li]FR-IR-23-345 FortiClientMac - Lack of configuration file validation[/li][li][FG-IR-23-493 FortiOS & FortiProxy - Administrator cookie leakage](‘https://www.fortiguard.com/psirt/FG-IR-23-345 https://www.fortiguard.com/psirt/FG-IR-23-493’)[/li][li]FG-IR-23-087 FortiClient Linux - Remote Code Execution due to dangerous nodejs configuration[/li][/ul]