87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113)
Last week, CISA added CVE-2024-23113, a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls, to its Known Exploited Vulnerabilities catalog, thus confirming that it is being leveraged by attackers in the wild. The Shadowserver Foundation shared on Sunday that there are still 87,000+ internet-facing Fortinet devices likely vulnerable to the flaw.

About CVE-2024-23113

CVE-2024-23113, a format string vulnerability that affects the FortiOS FGFM (FortiGate to FortiManager) daemon and can …

The post 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/15/cve-2024-23113/
Related news
- Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)
- CISA says critical Fortinet RCE flaw now exploited in attacks
- Week in review: 87k+ Fortinet devices still open to attack, red teaming tool used for EDR evasion
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks
- Millions of Synology NAS devices vulnerable to zero-click attacks (CVE-2024-10443)
- Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)
- Fortinet VPN design flaw hides successful brute-force attacks
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK (CVSS score)
---|---|---|---|---
2024-02-15 | CVE-2024-23113 | Use of Externally-Controlled Format String vulnerability in Fortinet products | A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13; FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14; FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3; and FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows an attacker to execute unauthorized code or commands via specially crafted packets. | 9.8