Most of you have already read about the latest release of Fortinet’s new PSIRT advisories. There are 15 new vulnerabilities for FortiOS and other products with severity level from low up to critical. We strongly recommend that you checkt the PSIRT advisories and update your Fortinet products to one of…
390 total views, 1 views today
Today Fortinet has published a new critical vulnerability in their FortiGate products. A successful attack allows arbitrary code or commands to be executed. The problem exist in the SSLVPN module – and you might be vulnerable if you are using SSLVPN and not running the latest patch release of the…
1,371 total views, 2 views today
German Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (Deutsch) You have certainly (and hopefully) read the information on the published Fortigate administration access vulnerability and applied the appropriate patches. We have compiled all the information again here for your convenience. 1,510 total views, 3 views today
1,510 total views, 3 views today
Englische Version: CVE-2022-40684 – Fortinet Authentication bypass on administrative interface (HTTP/HTTPS) (English) Sie haben sicherlich (und hoffentlich) die Informationen über die veröffentlichte Fortigate-Schwachstelle beim Zugriff auf die Administration gelesen und die entsprechenden Patches installiert. Wir haben alle Informationen hier noch einmal für Sie zusammengestellt. 687 total views, 8 views today
687 total views, 8 views today
WatchGuard’s Product Security Incident Response Team (PSIRT) has launched their public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact WatchGuard products or services. The published…
310 total views
Hi all, another vulnerability – log4j – is keeping us all on our toes.In this blog article you will find information about log4j from our vendors. 1,006 total views
1,006 total views
In the last few days, more and more articles about vulnerabilities in the Wifi area have appeared. These FragAttacks (fragmentation and aggregation attacks) which is a collection of new security vulnerabilities affects Wi-Fi devices from different vendors. heise.de: FragAttacks: Neue Angriffe gefährden nahezu alle WLAN-Geräte (German article) There is a…
1,988 total views
Let’s mention the important things first: Please patch you vulnerable Exchange 2013, 2016 and 2019 immediately! The page msxfaq has published an infosite to this vulnerability including the instructions how to fix your Exchange. Some security researchers have demonstrated three high risk vulnerabilities for exchange server systems. Microsoft has published…
Update, Nov 2020: More than a year after Fortinet described this SSLVPN vulnerability, it gets new attention. A few days ago a list of IPs and domain names of vulnerable Fortigates was published. This list is dated November 2019 and one can only hope that many of these systems have…
281 total views, 1 views today
Quellenangabe: Jonas Spieckermann, Watchguard Artikel vom WatchGuard Security Center: http://watchguardsecuritycenter.com/ Last week, a new ransomware variant called Locky began spreading in the wild. Locky encrypts data on an infected system using AES encryption, and then leaves a blackmail letter (which is localized in several languages) asking for half a bitcoin to get…
Sind Sie interessiert, den BOLL Blog als RSS Feed zu abonnieren?