Security News > 2023 > July > New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products

New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products
2023-07-13 05:16

SonicWall on Wednesday urged customers of Global Management System firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.

"The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve," SonicWall said.

The disclosure comes as Fortinet disclosed a critical flaw affecting FortiOS and FortiProxy that could enable an adversary to achieve remote code execution under certain circumstances.

Worried about insider threats? We've got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.

Impacted products include FortiOS versions 7.2.0 through 7.2.3 and 7.0.0 through 7.0.10 as well as FortiProxy versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.9.

It's worth noting that the flaw does not impact all versions of FortiOS 6.0, FortiOS 6.2, and FortiOS 6.4, and FortiProxy 1.x and FortiProxy 2.x. For customers who cannot apply the updates immediately, Fortinet is recommending that they disable HTTP/2 support on SSL inspection profiles used by proxy policies or firewall policies with proxy mode.


News URL

https://thehackernews.com/2023/07/new-vulnerabilities-disclosed-in.html

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Fortinet 77 15 314 277 81 687
Sonicwall 113 0 41 74 38 153