Source |
Cyble |
Identifier |
8665658 |
Publication date |
2025-04-21 12:33:13 (viewed: 2025-04-21 13:07:05) |
Title |
IT Vulnerability Report: Fortinet Devices Vulnerable to Exploit |
Text |
Overview
Cyble's vulnerability intelligence unit examined 26 vulnerabilities and 14 dark web exploit claims in recent reports to clients and flagged 10 of the vulnerabilities as meriting high-priority attention by security teams.
The vulnerabilities, which can lead to system compromise and data breaches, affect Fortinet products, WordPress plugins, Linux and Android systems, and more.
The Top IT Vulnerabilities
Here are some of the vulnerabilities highlighted by Cyble vulnerability intelligence researchers in recent reports.
CVE-2022-42475, CVE-2023-27997, and CVE-2024-21762 are critical vulnerabilities in Fortinet FortiGate devices that have been actively exploited to gain unauthorized remote access. CVE-2022-42475 is a heap-based buffer overflow vulnerability in the SSL-VPN component that allows remote code execution, while the other two enable initial access and privilege escalation.
Recently, Fortinet revealed that attackers exploited these vulnerabilities to gain initial access and then used a novel post-exploitation technique to maintain persistent read-only access even after patches were applied. This technique involves creating a symbolic link (symlink) in the SSL-VPN language files folder that connects the user file system to the root file system, allowing attackers to evade detection and continue accessing device configurations.
CVE-2024-48887 is a critical unverified password change vulnerability in the Fortinet FortiSwitch GUI that could allow a remote, unauthenticated attacker to change adminis |
Notes |
★★★
|
Sent |
Yes |
Digest |
Tags |
Tool
Vulnerability
Threat
Patching
Mobile
|
Stories |
|
Move |
|