Rewterz

DarkCrystal RAT aka DCRat – Active IOCs

March 18, 2025
Rewterz

Multiple Adobe Products Vulnerabilities

March 18, 2025

Multiple Fortinet Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-55594 CVSS:5.6

An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests.

CVE-2023-48785 CVSS:4.4

An improper certificate validation vulnerability [CWE-295] in FortiNAC-F version 7.2.4 and below may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the HTTPS communication channel between the FortiOS device, an inventory.

CVE-2024-47573 CVSS:6

An improper validation of integrity check value vulnerability [CWE-354] in FortiNDR version 7.4.2 and below, version 7.2.1 and below, version 7.1.1 and below, version 7.0.6 and below may allow an authenticated attacker with at least Read/Write permission on system maintenance to install a corrupted firmware image.

CVE-2024-46662 CVSS:8.3

A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiManager versions 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to escalation of privilege via specifically crafted packets.

Impact

  • Security Bypass
  • Code Execution
  • Privilege Escalation
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2024-55594

  • CVE-2023-48785

  • CVE-2024-47573

  • CVE-2024-46662

Affected Vendors

  • Fortinet

Affected Products

  • Fortinet FortiWeb - 7.4.0
  • Fortinet FortiWeb - 7.2.0
  • Fortinet FortiWeb - 7.0.0
  • Fortinet FortiNAC-F - 7.2.0
  • Fortinet FortiNDR - 7.4.0 - 7.2.0 - 7.1.0 - 7.0.0
  • Fortinet FortiManager - 7.4.1

Remediation

Upgrade to the latest version, available from the Fortiguard Website.

CVE-2024-55594

CVE-2023-48785

CVE-2024-47573

CVE-2024-46662

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.