CyberSecurity news
FlagThis
info@thehackernews.com (The Hacker News)@The Hacker News - 74d
Multiple critical vulnerabilities have been discovered in Fortinet products, posing significant security risks. The most critical of these is CVE-2023-34990, a path traversal flaw in FortiWLM, which allows unauthenticated attackers to access sensitive files and potentially execute unauthorized code. This vulnerability, which has been given a CVSS score of 9.6 (or 9.8 by the NVD) stems from a lack of input validation on request parameters, enabling attackers to read log files which contain session IDs. Attackers can then use these session ID tokens to hijack sessions and gain access to authenticated endpoints, potentially granting admin access to the system.
Fortinet's FortiClient EMS has also been targeted, with a now-patched vulnerability (CVE-2023-48788) being actively exploited to deploy remote access tools like AnyDesk and ScreenConnect. This SQL injection flaw, which received a CVSS score of 9.3, enables attackers to execute unauthorized code. Hackers were observed using this flaw to gain initial access to systems, then dropping remote access software and password recovery tools to move laterally through the network. Other flaws include CVE-2024-48889, a command injection flaw in FortiManager, highlighting the wide range of vulnerabilities across multiple Fortinet products and underscoring the need for prompt patching.
ImgSrc: blogger.googleu
References :
Fortinet's FortiClient EMS has also been targeted, with a now-patched vulnerability (CVE-2023-48788) being actively exploited to deploy remote access tools like AnyDesk and ScreenConnect. This SQL injection flaw, which received a CVSS score of 9.3, enables attackers to execute unauthorized code. Hackers were observed using this flaw to gain initial access to systems, then dropping remote access software and password recovery tools to move laterally through the network. Other flaws include CVE-2024-48889, a command injection flaw in FortiManager, highlighting the wide range of vulnerabilities across multiple Fortinet products and underscoring the need for prompt patching.
ImgSrc: blogger.googleu
Share:
References :
- securityaffairs.com: Security Affairs report about Fortinet FortiWLM flaw.
- socradar.io: Critical Path Traversal in FortiWLM (CVE-2023-34990) Permits Code Execution; Next.js Auth Bypass (CVE-2024-51479)
- The Hacker News: TheHackernews article about Fortinet Critical vulnerability.
- The Hacker News: Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools
- techacademy.online: Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
- www.bleepingcomputer.com: Fortinet warns of critical FortiWLM bug giving hackers admin privileges
- securityonline.info: CVE-2023-34990 (CVSS 9.8): Critical Security Flaw Found in Fortinet FortiWLM
- circl: A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specially crafted web requests.
- circl: Social CIRCL post about Fortinet FortiWLM vulnerability.
- Security Risk Advisors: Critical Vulnerability in Fortinet FortiWLM
Classification:
- HashTags: #Fortinet #Vulnerability #RCE
- Company: Fortinet
- Target: Fortinet devices
- Product: FortiWLM, FortiClient EMS
- Feature: path traversal
- Type: Vulnerability
- Severity: Critical