Security Alert (A24-07-08): Multiple Vulnerabilities in Fortinet Products


 

Published on: 10 July 2024

Share on Facebook    Share on X   

Description:

Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.

 

Affected Systems:

  • FortiOS version 7.0 (all versions), version 7.2 (all versions), 7.4.0 through 7.4.3
  • FortiProxy version 7.0 (all versions), version 7.2 (all versions), 7.4.0 through 7.4.3
  • FortiWeb version 6.3 (all versions), version 6.4 (all versions), version 7.0 (all versions), 7.2.0 through 7.2.1

 

Impact:

Successful exploitation of the vulnerabilities could lead to information disclosure, security restriction bypass, spoofing or tampering of affected system.

 

Recommendation:

Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.fortiguard.com/psirt/FG-IR-22-326
  • https://www.fortiguard.com/psirt/FG-IR-23-446
  • https://www.fortiguard.com/psirt/FG-IR-23-485
  • https://www.hkcert.org/security-bulletin/fortinet-products-multiple-vulnerabilities_20240710
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26006
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26015
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33509


Tag:
Tags