Security News > 2024 > February > Fortinet's week to forget: Critical vulns, disclosure screw-ups, and that toothbrush DDoS attack claim
The only workaround recommended by Fortinet is to disable the SSL VPN. Disabling webmode won't mitigate the vulnerability, it said.
Firstly, Fortinet backtracked and said these weren't vulnerabilities at all, instead explaining that they were issued in error and were duplicates of the single vulnerability mentioned in the aforementioned October advisory - CVE-2023-34992.
Due to exceptional circumstances that include the premature dissemination of mitigation guidance and in an effort to help protect our customers, Fortinet distributed its monthly advisory on February 8 ahead of its anticipated February 13 publication date to provide important details to customers considering these circumstances.
For more on Fortinet's responsible disclosure process, visit the Fortinet Product Security Incident Response Team.
The reporter at the Swiss German daily which originally reported the story then snapped back with a comeback that refuted Fortinet's response, saying: "What the Fortinet headquarters in California is now calling a 'translation problem' sounded completely different during the research: Swiss Fortinet representatives described the toothbrush case as a real DDoS at a meeting that discussed current threats."
The Swiss reporter also said the article was proofread by Fortinet before publication and nothing in the report was corrected by the vendor.
News URL
https://go.theregister.com/feed/www.theregister.com/2024/02/09/a_look_at_fortinet_week/
Related news
- Zabbix urges upgrades after critical SQL injection bug disclosure (source)
- Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Mirai Botnet Variant Exploits Four-Faith Router Vulnerability for DDoS Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-10 | CVE-2023-34992 | OS Command Injection vulnerability in Fortinet Fortisiem A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests. | 9.8 |