[SECURITY-L] Fwd: Fortinet Releases Security Updates for Multiple Products

CSIRT Unicamp security em unicamp.br
Terça Abril 9 16:54:41 -03 2024 

===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830


---------- Forwarded message ---------
De: CISA <CISA em messages.cisa.gov>
Date: ter., 9 de abr. de 2024 às 16:07
Subject: Fortinet Releases Security Updates for Multiple Products
To: <security em unicamp.br>


[image: Cybersecurity and Infrastructure Security Agency (CISA)]

You are subscribed to Cybersecurity Advisories for Cybersecurity and
Infrastructure Security Agency. This information has recently been updated,
and is now available.


Fortinet Releases Security Updates for Multiple Products
<https://www.cisa.gov/news-events/alerts/2024/04/09/fortinet-releases-security-updates-multiple-products>
04/09/2024 08:00 AM EDT

Fortinet released security updates to address vulnerabilities in multiple
products, including OS and FortiProxy. A cyber threat actor could exploit
some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories
and apply necessary updates:

   - FR-IR-23-345 FortiClientMac - Lack of configuration file validation
   <https://www.fortiguard.com/psirt/FG-IR-23-345>
   - FG-IR-23-493 FortiOS & FortiProxy - Administrator cookie leakage
   <https://www.fortiguard.com/psirt/FG-IR-23-345%20%20%20https://www.fortiguard.com/psirt/FG-IR-23-493>
   - FG-IR-23-087 FortiClient Linux - Remote Code Execution due to
   dangerous   nodejs configuration
   <https://www.fortiguard.com/psirt/FG-IR-23-087>



This product is provided subject to this Notification
<https://www.cisa.gov/notification> and this Privacy & Use
<https://www.cisa.gov/privacy-policy> policy.

Having trouble viewing this message? View it as a webpage
<https://content.govdelivery.com/accounts/USDHSCISA/bulletins/3955c73>.
<https://content.govdelivery.com/accounts/USDHS/bulletins/292141e>

You are subscribed to updates from the Cybersecurity and Infrastructure
Security Agency <https://www.cisa.gov> (CISA)
Manage Subscriptions
<https://public.govdelivery.com/accounts/USDHSCISA/subscriber/edit?preferences=true#tab1>
  |  Privacy Policy <https://www.cisa.gov/privacy-policy>  |  Help
<https://subscriberhelp.granicus.com/s/article/Subscriber-Help-Center>
<https://insights.govdelivery.com/Communications/Subscriber_Help_Center>

Connect with CISA:
Facebook <https://www.facebook.com/CISA>  |  Twitter
<https://twitter.com/CISAgov>  |  Instagram <https://Instagram.com/cisagov>
|  LinkedIn
<https://www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency>
|   YouTube <https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A>
------------------------------
This email was sent to security em unicamp.br using GovDelivery Communications
Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707
17th St, Suite 4000 · Denver, CO 80202 [image: GovDelivery logo]
<https://subscriberhelp.granicus.com/>
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20240409/f318e858/attachment.html>

Mais detalhes sobre a lista de discussão SECURITY-L