CISA Activity - Fortinet Releases Security Updates for Multiple Products

system · November 12, 2024, 8:52pm

Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply necessary updates:

[ul]
[li]FG-IR-23-396 ReadOnly Users Could Run Some Sensitive Operations[/li][li]FG-IR-23-475 FortiOS - SSLVPN Session Hijacking Using SAML Authentication[/li][li]FG-IR-24-144 Privilege Escalation via Lua Auto Patch Function[/li][li]FG-IR-24-199 Named Pipes Improper Access Control[/li][/ul]