Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy. None of the patched vulnerabilities is actively exploited, but Fortinet’s devices are often targeted by ransomware gangs and other cyber attackers, so implementing the offered security updates quickly is advised. About CVE-2023-25610 Discovered by Fortinet infosec engineer Kai Ni, CVE-2023-25610 is a buffer underwrite (‘buffer underflow’) vulnerability found in the FortiOS and FortiProxy … More
The post Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610) appeared first on Help Net Security.