Summary: Amidst the global lock-down environment, hackers have come forward to use SSL VPN vulnerabilities and gets lucrative. Hackers have targeted Pulse Secure, Fortinet, Palo Alto Networks, and Citrix VPNs to hack into large companies., throughout the previous year (which already Qualys have protection covered) and again this time they have come up with FortiOS … Continue reading “Fortinet FortiOS SSL VPN Multiple Cross-Site Scripting Vulnerabilities (CVE-2018-13379,CVE-2018-13380,CVE-2018-13381,CVE-2018-13382,CVE-2018-13383)”
Tag: FortiOS
FortiOS and FortiClient Man-In-The-Middle Attack privilege escalation vulnerability (CVE-2018-9195)
Summary: FortiOS has been reported with an unquoted service path vulnerability. FortiClient FortiTray of FortiClientConsole executable service path is the vulnerable component that leads to escalated privileges. Description: For Mac and Windows Fortigate products like FortiOS for FortiGate firewalls and the FortiClient endpoint antivirus.,uses a weak encryption cipher (XOR) and hardcoded cryptographic keys to communicate … Continue reading “FortiOS and FortiClient Man-In-The-Middle Attack privilege escalation vulnerability (CVE-2018-9195)”
