Chinese hackers exploit Fortinet VPN zero-day to steal credentials

November 18, 2024 at 05:48PM Chinese hackers “BrazenBamboo” exploit a zero-day vulnerability in Fortinet’s FortiClient VPN using a tool called ‘DeepData’ to extract user credentials. Discovered by Volexity in July 2024, the flaw has not been patched, risking corporate networks. VPN access should be restricted until Fortinet releases a fix. ### Meeting Takeaways 1. **Zero-Day … Read more

Fortinet patches VPN app flaw that could give rogue users, malware a privilege boost

November 14, 2024 at 05:30PM A critical vulnerability (CVE-2024-47574) in Fortinet’s FortiClient VPN could allow unauthorized code execution and privilege escalation on Windows systems. Patched in version 7.4.1, it has a 7.8 CVSS rating. Another flaw (CVE-2024-50564) allows altering SYSTEM-level registry keys. Both vulnerabilities were not exploited in the wild. **Meeting Takeaways:** 1. **High-Severity Vulnerability … Read more

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

April 10, 2024 at 08:30AM Fortinet announced patches for critical vulnerabilities in FortiOS and other products, including a code injection bug in FortiClientLinux (CVE-2023-45590). Several high-severity vulnerabilities were also addressed in FortiOS, FortiProxy, FortiClientMac, and FortiSandbox. Users are advised to update their Fortinet appliances promptly to prevent potential cyber threats. CISA warns of the vulnerabilities’ … Read more

Fortinet warns of critical RCE bug in endpoint management software

March 13, 2024 at 02:48PM Fortinet patched a critical remote code execution (RCE) vulnerability in its FortiClient Enterprise Management Server (EMS) software, impacting versions 7.0 and 7.2. The company also fixed an out-of-bounds write weakness in FortiOS and FortiProxy captive portal, as well as other high-severity flaws. A prior RCE bug was disclosed, potentially exploited … Read more