Rewterz

Rewterz Threat Alert – Dridex Banking Trojan – IoCs

September 22, 2020
Rewterz

Rewterz Threat Advisory – CVE-2020-3977 – VMware Horizon DaaS broken authentication vulnerability

September 22, 2020

Rewterz Threat Advisory – CVE-2020-12811 – FortiManager and FortiAnalyzer cross-site scripting

Severity

Medium

Analysis Summary

FortiManager and FortiAnalyzer are vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the Identify Provider name field to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to execute unauthorized code or commands on the system.

Impact

Cross-site scripting

Affected Vendors

FortiGuard

Affected Products

  • Fortinet FortiManager 6.2.0
  • Fortinet FortiManager 6.2.1
  • Fortinet FortiAnalyzer 6.2.3
  • Fortinet FortiManager 6.2.3

Remediation

Refer to FortiGuard Advisory FG-IR-20-005 for patch, upgrade or suggested workaround information.

https://www.fortiguard.com/psirt/FG-IR-20-005

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.