Read the original article at https://www.cisa.gov/news-events/alerts/2023/10/11/fortinet-releases-security-updates-multiple-products
Fortinet has released security advisories addressing vulnerabilities in multiple products. These vulnerabilities may allow cyber threat actors to take control of the affected systems.
CISA encourages users and administrators to review the following Fortinet security advisories and apply the recommended updates:
- FG-IR-23-189: FortiManager, FortiAnalyzer – Path traversal via unrestricted file upload
- FG-IR-23-062: FortiManager – Improper inter ADOM access control
- FG-IR-23-167: FortiManager, FortiAnalyzer – OS command injection
- FG-IR-22-352: FortiManager, FortiAnalyzer, FortiADC – Command injection due to an unsafe usage of function
- FG-IR-23-318: FortiOS – Improper authorization via prof-admin profile
- FG-IR-23-085: FortiSIEM – Multiple path traversal vulnerabilities
Read the original article at https://www.cisa.gov/news-events/alerts/2023/10/11/fortinet-releases-security-updates-multiple-products