Advertisement
Top
image credit: Vecteezy

Fortinet’s week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim

February 9, 2024

Via: The Register
Category:

We’ve had to write the word “Fortinet” so often lately that we’re considering making a macro just to make our lives a little easier after what the company’s reps will surely agree has been a week sent from hell.

It all culminated this Friday with the disclosure of yet another critical security vulnerability in FortiOS, impacting its SSL VPN.

Tracked as CVE-24-21762, the 9.6 severity out-of-bounds write issue allows for remote unauthenticated attackers to achieve code execution. There’s also evidence to suggest it’s already been exploited as a zero-day.

Read More on The Register

RELATED PUBLICATIONS

The importance of the Vulnerability Operations Centre for cybersecurity
OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Are passwordless systems the future of authentication?

Latest Publications

Sweden’s liquor supply severely impacted by ransomware attack on logistics company
Autodesk Drive Abused in Phishing Attacks 
Google fixed critical Chrome vulnerability CVE-2024-4058
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!