Source |
The Hacker News |
Identifiant |
8448269 |
Date de publication |
2024-02-09 11:06:00 (vue: 2024-02-09 06:08:03) |
Titre |
Fortinet met en garde contre la vulnérabilité Critical Fortios SSL VPN sous exploitation active Fortinet Warns of Critical FortiOS SSL VPN Vulnerability Under Active Exploitation |
Texte |
Fortinet a révélé une nouvelle faille de sécurité critique dans Fortios SSL VPN qui, selon elle, est probablement exploitée dans la nature.
La vulnérabilité, & nbsp; CVE-2024-21762 & nbsp; (score CVSS: 9.6), permet l'exécution de code et de commandes arbitraires.
"Une vulnérabilité d'écriture hors limites [CWE-787] dans FortiO
Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild.
The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands.
"A out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially |
Envoyé |
Oui |
Condensat |
cve 2024 21762 787 active allow allows arbitrary attacker being bounds code command commands critical cvss cwe disclosed execute execution exploitation exploited flaw fortinet fortios has likely may new out remote said score: security specially ssl unauthenticated under vpn vulnerability warns wild write |
Tags |
Vulnerability
|
Stories |
|
Notes |
★★
|
Move |
|