What is Nostr?
Not Simon 🐐 /
npub14g0…znd6
2024-06-11 15:02:03

Not Simon 🐐 on Nostr: Happy Patch Tuesday from **Fortinet**:<li><a ...

Happy Patch Tuesday from **Fortinet**:<li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-128"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-24-128</a> CVE-2024-31495 (4.3 medium) Blind SQL Injection</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-036"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-24-036</a> CVE-2024-26010 (7.5 high) Buffer overflow in fgfmd</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-471"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-23-471</a> CVE-2024-23111 (6.8 medium) FortiOS/FortiProxy - XSS in reboot page</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-495"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-23-495</a> CVE-2023-23775 (6.5 medium) FortiSOAR is vulnerable to sql injection in Event Auth API via uuid parameter</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-460"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-23-460</a> CVE-2024-23110 (7.8 high) Multiple buffer overflows in diag npu command</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-356"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-23-356</a> CVE-2023-46720 (6.7 medium) Stack buffer overflow on bluetooth write feature</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-170"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-24-170</a> TunnelVision - CVE-2024-3661 (5.0 medium) (See <strong>Leviathan Security</strong> analysis: <a href="https://www.leviathansecurity.com/blog/tunnelvision"; target="_blank" rel="nofollow noopener noreferrer">TunnelVision (CVE-2024-3661): How Attackers Can Decloak Routing-Based VPNs For a Total VPN Leak</a> for more information on <a href="https://infosec.exchange/tags/TunnelVision"; class="mention hashtag" rel="tag">#<span>TunnelVision</span></a>, VPN bypass technique)</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-423"; target="_blank" rel="nofollow noopener noreferrer">FG-IR-23-423</a> CVE-2024-21754 (1.8 low) Weak key derivation for backup file</li>

No mention of exploitation. Let the Patch Tuesday madness begin!

#PatchTuesday #vulnerability #Fortinet #CVE
Author Public Key
npub14g0mj0fmn0sepfuhp2wupyk7d8xyz7rezpmrx2gfsav9vxlwxypq4xznd6