Malware vulnerabilities threaten the strength, Fortisandbox & Co.

Under some conditions, attackers can target Fortianalyzer, Fortios, Fortisandbox, Fortipam, Fortiproxy and Fortiweb. So far, however, there is no information about the ongoing attacks. However, administrators should not wait too long to install security updates.

Prevention of attacks

As can be seen from the IT Security section of the Fortinet siteVarious versions of the mentioned products are vulnerable. The most dangerous is a vulnerability (Cve-2024-52961 “high”) in FortisandBox 3.0 to 5.0 and including 5.0.

Because the entrances are not sufficiently sanitized, the attackers can execute their commands without authentication using special, unspecified entries. However, this should require at least authorizations for reading only. EDITION 4.0.6, 4.2.8, 4.4.7 and 5.0.1 are equipped against this.

Force, Fortipam, Fortiproxy and Fortiweb are vulnerable to malicious code attacks (Cve-2024-45324 “high”), among others. The network provider lists the editions that are equipped with it In a warning message.

(Often)

Don’t miss any news – follow -ne
Facebook,
LinkedIn or
Mastodon.

This article was initially published in German. It was translated with technical assistance and editorially reviewed before publishing.