March 12, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
CoinMiner Malware – Active IOCs
January 16, 2025RansomHub Ransomware Leverages Python Malware to Exploit Network Vulnerabilities – Active IOCs
January 16, 2025CoinMiner Malware – Active IOCs
January 16, 2025RansomHub Ransomware Leverages Python Malware to Exploit Network Vulnerabilities – Active IOCs
January 16, 2025
Severity
High
Analysis Summary
CVE-2024-47571 CVSS:7.9
Fortinet FortiManager could allow a remote attacker to bypass security restrictions, caused by improper access control to expiration resource.
CVE-2024-47572 CVSS:8.3
An improper neutralization of formula elements in a csv file in Fortinet FortiSOAR 7.2.1 through 7.4.1 allows attacker to execute unauthorized code or commands via manipulating csv file.
Impact
- Security Bypass
- Gain Access
Indicators of Compromise
CVE
CVE-2024-47571
CVE-2024-47572
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiManager 7.2.3
- Fortinet FortiManager 7.0.8
- Fortinet FortiManager 6.4.12
- Fortinet FortiManager 7.0.7
- Fortinet FortiSOAR - 7.4.0 - 7.3.0 - 7.2.1
Remediation
Upgrade to the latest version of Fortinet, available from the FortiGuard Website.