Top

Keyloggers, spyware, and stealers dominate SMB malware detections

SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring

Carbanak malware returned in ransomware attacks

Read the clouds, reduce the cyber risk

Maximizing cybersecurity on a budget

image credit: Unsplash

Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

February 20, 2023

Via: Help Net Security

Category:

Fortinet has dropped fixes for 40 vulnerabilities in a variety of its products, including two critical vulnerabilities (CVE-2022-39952, CVE-2021-42756) affecting its FortiNAC and FortiWeb solutions.

Since cyberattackers love to exploit vulnerabilities in Fortinet enterprise solutions and a PoC exploit for CVE-2022-39952 is expected to be released soon, admins are advised to get a move on patching.

About the vulnerabilities

CVE-2022-39952 is an external control of file name or path vulnerability in the webserver of FortiNAC, Fortinet’s network access control solution. It can be exploited by an unauthenticated attacker to perform arbitrary write on a vulnerable system.

Read More on Help Net Security

Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

FIN7 targeted a large U.S. carmaker with phishing attacks

Fortinet plugs critical security hole in FortiNAC, with a PoC incoming (CVE-2022-39952)

Previous Article

Next Article

RELATED PUBLICATIONS

Trending

Tags

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

FIN7 targeted a large U.S. carmaker with phishing attacks