Fortinet has informed customers about 16 vulnerabilities discovered in the company’s products, including six flaws that have been assigned a ‘high’ severity rating.
FortiTester is vulnerable to a high-severity flaw that lets logged-in attackers run commands by passing carefully crafted arguments to already existing commands. A flaw in FortiSIEM enables a local attacker with command-line access to directly perform actions on the Glassfish server using a hardcoded password. Cross-site scripting (XSS) bugs are the remaining serious security holes. They have an effect on FortiDeceptor, FortiManager, FortiAnalyzer, and FortiADC.
Also Read: Effective Collaboration Between IT and HR is Critical to Better Cybersecurity
Some of them allow for remote exploits that don’t require authentication. FortiOS, FortiTester, FortiSOAR, FortiMail, FortiEDR CollectorWindows, FortiClient for Mac, and FortiADC have all received patches for medium- and low-severity flaws.
Read More: Fortinet Patches 6 High-Severity Vulnerabilities
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.