PAN Security Advisory CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

Palo Alto Networks discovered a vulnerability (CVE-2024-3400) with a CVSSv4.0 base score of 10 that impacts PAN-OS version 10.2+ with GlobalProtect enabled. We strongly recommend all to review the advisory for remediation steps. Are you affected? This vulnerability does not apply to you if any one of the following apply:…

Loading

read more

CVE-2023-27997 – FortiOS & FortiProxy – Heap buffer overflow in sslvpn pre-authentication

Please note the vulnerabilities in Fortinet products published in June. In particular, we would like to mention the vulnerability in FortiOS, which affects SSLVPN access and poses a major threat with a CVSSv3 score of 9.2. Fortinet PSIRT: https://www.fortiguard.com/psirt/FG-IR-23-097CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27997 Affected are FortiOS versions 6.0 to 7.2. Fortinet has already…

Loading

read more

CheatSheet FortiOS v7.2

We are happy to present you the new cheat sheet for FortiOS version 7.2. Most commands have remained the same.A bigger change is that the Packet Sniffer and the Debug Flow are now also available in the WebUI under Network > Diagnostics. We wish you good luck with troubleshooting.

Loading

read more

CVE-2022-40684 – Fortinet: Authentication bypass on administrative interface (HTTP/HTTPS) (Deutsch)

Englische Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (English) Sie haben sicherlich (und hoffentlich) die Informationen über die veröffentlichte Fortigate-Schwachstelle beim Zugriff auf die Administration gelesen und die entsprechenden Patches installiert. Wir haben alle Informationen hier noch einmal für Sie zusammengestellt.

Loading

read more

Fortigate: L2TP over IPsec configuration needs to be manually updated after upgrading from 6.4.x or 7.0.x

Fortinet has added a special note in the release notes of FortiOS 7.0 as follow: Source:https://docs.fortinet.com/document/fortigate/7.0.6/fortios-release-notes/927994/l2tp-over-ipsec-configuration-needs-to-be-manually-updated-after-upgrading-from-6-4-x-or-7-0-0-to-7-0-1-and-later Unfortunately the second point does not clearly state which policy exactly needs to be changed.Here is a screenshot of the changed policy: As you can see, the policy from the l2tp client to the…

Loading

read more