Back to Feed
总结
近日,网络安全厂商飞塔(Fortinet)发布安全更新,修复FortiSIEM中一个被评为“关键”的漏洞。该缺陷被描述为命令注入问题,可能使远程攻击者在无需认证的情况下执行任意代码,从而接管相关系统并横向渗透。多家安全媒体称该漏洞的利用代码已公开,增加被快速武器化与批量扫描利用的风险;同时也有机构提醒关注飞塔其他产品相关漏洞与修补。官方建议受影响用户尽快升级与排查暴露面,以降低被入侵概率。
正文
Fortinet Fixes Critical FortiSIEM Flaw Allowing Unauthenticated Remote Code Execution The Hacker News Fortinet Patches Critical Vulnerabilities in FortiFone, FortiSIEM SecurityWeek FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code Cyber Security News Exploit code public for critical FortiSIEM command injection flaw BleepingComputer MS-ISAC Warns Of Fortinet Vulnerabilities And Code Risks The Cyber Express
发布时间: