Rewterz Threat Advisory – CVE-2023-44250 – Fortinet FortiOS and FortiProxy Vulnerability

Rewterz Threat Alert – GCleaner Malware – Active IOCs

January 10, 2024

Rewterz Threat Advisory – CVE-2024-0333 – Google Chrome Vulnerability

January 10, 2024

Rewterz Threat Advisory – CVE-2023-44250 – Fortinet FortiOS and FortiProxy Vulnerability

Severity

Medium

Analysis Summary

CVE-2023-44250

Fortinet FortiOS and Fortinet FortiProxy could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an improper privilege management vulnerability in an HA cluster. By sending specially crafted HTTP or HTTPS requests, an attacker could exploit this vulnerability to execute arbitrary code on the system.

Impact

Code Execution

Indicators Of Compromise

CVE

CVE-2023-44250

Affected Vendors

Fortinet

Affected Products

Fortinet FortiOS 7.4.0
Fortinet FortiOS 7.2.5
Fortinet FortiOS 7.4.1
Fortinet FortiProxy 7.4.0
Fortinet FortiProxy 7.4.1

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

FortiGuard Advisory

Rewterz Threat Alert – GCleaner Malware – Active IOCs

Rewterz Threat Advisory – CVE-2024-0333 – Google Chrome Vulnerability

Rewterz Threat Advisory – CVE-2023-44250 – Fortinet FortiOS and FortiProxy Vulnerability

Severity

Analysis Summary

Impact

Indicators Of Compromise

CVE

Affected Vendors

Affected Products

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan