Security Alert (A24-11-09): Multiple Vulnerabilities in Fortinet Products


 

Published on: 13 November 2024

  
  

Description:

Fortinet released security advisories to address multiple vulnerabilities in Fortinet systems. An attacker could exploit these vulnerabilities by sending specially crafted requests to an affected system.

 

Affected Systems:

  • FortiAnalyzer
  • FortiManager
  • FortiAnalyzer-BigData
  • FortiOS
  • FortiProxy
  • FortiPAM
  • FortiPortal
  • FortiSwitchManager

For detailed information of the affected products, please refer to the section "Affected Products" of corresponding security advisory at vendor's website.

 

Impact:

Successful exploitation of the vulnerabilities could lead to remote code execution, denial of service, elevation of privilege, information disclosure, security feature bypass or tampering of affected system.

 

Recommendation:

Patches for affected systems are now available. Administrators of affected systems should follow the recommendations provided by the vendor and take immediate actions to mitigate the risk.

 

More Information:

  • https://www.fortiguard.com/psirt/FG-IR-23-267
  • https://www.fortiguard.com/psirt/FG-IR-23-396
  • https://www.fortiguard.com/psirt/FG-IR-23-475
  • https://www.fortiguard.com/psirt/FG-IR-24-032
  • https://www.fortiguard.com/psirt/FG-IR-24-033
  • https://www.fortiguard.com/psirt/FG-IR-24-098
  • https://www.fortiguard.com/psirt/FG-IR-24-099
  • https://www.fortiguard.com/psirt/FG-IR-24-115
  • https://www.fortiguard.com/psirt/FG-IR-24-116
  • https://www.fortiguard.com/psirt/FG-IR-24-125
  • https://www.fortiguard.com/psirt/FG-IR-24-179
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23666
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26011
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32116
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32117
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32118
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31496
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33505
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-33510
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-35274
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-44255
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50176


Tag: Fortinet , FortiAnalyzer , FortiManager , FortiOS , FortiProxy , FortiPAM , FortiPortal , FortiSwitchManager
Tags