Security News > 2023 > March > Fortinet warns of new critical unauthenticated RCE vulnerability

Fortinet warns of new critical unauthenticated RCE vulnerability
2023-03-08 19:25

Fortinet has disclosed a "Critical" vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or perform denial of service on the GUI of vulnerable devices using specially crafted requests.

FortiOS version 7.2.0 through 7.2.3.

FortiOS version 7.0.0 through 7.0.9.

FortiOS version 6.4.0 through 6.4.11.

FortiOS version 6.2.0 through 6.2.12.

On February 16, Fortinet fixed two critical remote code execution flaws impacting FortiNAC and FortiWeb products, calling users to apply the security updates immediately.


News URL

https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-critical-unauthenticated-rce-vulnerability/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 77 15 314 277 81 687