El investigador de ciberseguridad, Mike Connor, ha descubierto una vulnerabilidad crítica de control de acceso inapropiado en varios productos de Fortinet.

Vulnerabilities of this type allow a remote attacker to access the system, without needing to authenticate, as a legitimate user when requesting a password change from the user interface.

Fortinet has confirmed that this vulnerability is affecting the email services (FortiMail) and enterprise phone (FortiVideoEnterprise). Affecting the following versions of these:

  • FortiMail: 5.4.10 and earlier, 6.0.7 and earlier 6.2.2 and earlier
  • FortiVoiceEnterprise: 6.0.1 and earlier

New versions have already been released that fix this vulnerability, and Fortinet strongly recommends that customers update their systems as soon as possible if they have versions vulnerable to this flaw.


Leave a Reply

Your email address will not be published. Required fields are marked *

More news
A
Read more »
A researcher manages to hack some concert tickets using AI
Read more »
Una nueva campaña de phishing suplanta a ChatGPT
Read more »
Nintendo suffers a data breach through a supplier
Read more »
Trying to make fun of a scammer is not a very good idea
Read more »