Security News > 2023 > July > New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products
SonicWall on Wednesday urged customers of Global Management System firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.
"The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve," SonicWall said.
The disclosure comes as Fortinet disclosed a critical flaw affecting FortiOS and FortiProxy that could enable an adversary to achieve remote code execution under certain circumstances.
Worried about insider threats? We've got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.
Impacted products include FortiOS versions 7.2.0 through 7.2.3 and 7.0.0 through 7.0.10 as well as FortiProxy versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.9.
It's worth noting that the flaw does not impact all versions of FortiOS 6.0, FortiOS 6.2, and FortiOS 6.4, and FortiProxy 1.x and FortiProxy 2.x. For customers who cannot apply the updates immediately, Fortinet is recommending that they disable HTTP/2 support on SSL inspection profiles used by proxy policies or firewall policies with proxy mode.
News URL
https://thehackernews.com/2023/07/new-vulnerabilities-disclosed-in.html
Related news
- Setting Up Your Network Security? Avoid These 4 Mistakes (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)
- Here's what happens if you don't layer network security – or remove unused web shells (source)