FortiWAN - OS command injection leads to privilege escalation

CVE-2021-26115

6 Jul 2021

Summary

An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.

Affected Products

FortiWAN versions 4.5.7 and below.

Solutions

Please upgrade to FortiWAN version 4.5.8 or above.

Acknowledgement

Fortinet is pleased to thank Resecurity, Inc for bringing this issue to our attention under responsible disclosure.

Source: FortGuard Labs - Fortinet

CVE-2023-29414

Schneider Electric Accutech Manager (2.7 and prior) - Classic Buffer Overflow

11 Jul 2023

CVE-2018-4097

macOS High Sierra 10.13.2 Arbitrary Code Execution with Kernel Privileges

22 Jan 2018

Bulletin d’information

Restez informé des dernières actualités et évolutions en cybersécurité.

En m’abonnant, je comprends et j’accepte que mes données personnelles soient collectées et traitées conformément à la Confidentialité et aux Politique relative aux cookies

Architecture cloud