[SECURITY-L] Fwd: Fortinet Releases Security Updates for Multiple Products
CSIRT Unicamp
security em unicamp.br
Terça Abril 9 16:54:41 -03 2024
===
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - Unicamp
Centro de Computacao - CCUEC
GnuPG Public Key: http://www.security.unicamp.br/security.asc [^]
Contato: +55 19 3521-2289 ou INOC-DBA: 1251*830
---------- Forwarded message ---------
De: CISA <CISA em messages.cisa.gov>
Date: ter., 9 de abr. de 2024 às 16:07
Subject: Fortinet Releases Security Updates for Multiple Products
To: <security em unicamp.br>
[image: Cybersecurity and Infrastructure Security Agency (CISA)]
You are subscribed to Cybersecurity Advisories for Cybersecurity and
Infrastructure Security Agency. This information has recently been updated,
and is now available.
Fortinet Releases Security Updates for Multiple Products
<https://www.cisa.gov/news-events/alerts/2024/04/09/fortinet-releases-security-updates-multiple-products>
04/09/2024 08:00 AM EDT
Fortinet released security updates to address vulnerabilities in multiple
products, including OS and FortiProxy. A cyber threat actor could exploit
some of these vulnerabilities to take control of an affected system.
CISA encourages users and administrators to review the following advisories
and apply necessary updates:
- FR-IR-23-345 FortiClientMac - Lack of configuration file validation
<https://www.fortiguard.com/psirt/FG-IR-23-345>
- FG-IR-23-493 FortiOS & FortiProxy - Administrator cookie leakage
<https://www.fortiguard.com/psirt/FG-IR-23-345%20%20%20https://www.fortiguard.com/psirt/FG-IR-23-493>
- FG-IR-23-087 FortiClient Linux - Remote Code Execution due to
dangerous nodejs configuration
<https://www.fortiguard.com/psirt/FG-IR-23-087>
This product is provided subject to this Notification
<https://www.cisa.gov/notification> and this Privacy & Use
<https://www.cisa.gov/privacy-policy> policy.
Having trouble viewing this message? View it as a webpage
<https://content.govdelivery.com/accounts/USDHSCISA/bulletins/3955c73>.
<https://content.govdelivery.com/accounts/USDHS/bulletins/292141e>
You are subscribed to updates from the Cybersecurity and Infrastructure
Security Agency <https://www.cisa.gov> (CISA)
Manage Subscriptions
<https://public.govdelivery.com/accounts/USDHSCISA/subscriber/edit?preferences=true#tab1>
| Privacy Policy <https://www.cisa.gov/privacy-policy> | Help
<https://subscriberhelp.granicus.com/s/article/Subscriber-Help-Center>
<https://insights.govdelivery.com/Communications/Subscriber_Help_Center>
Connect with CISA:
Facebook <https://www.facebook.com/CISA> | Twitter
<https://twitter.com/CISAgov> | Instagram <https://Instagram.com/cisagov>
| LinkedIn
<https://www.linkedin.com/company/cybersecurity-and-infrastructure-security-agency>
| YouTube <https://www.youtube.com/channel/UCxyq9roe-npgzrVwbpoAy0A>
------------------------------
This email was sent to security em unicamp.br using GovDelivery Communications
Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency · 707
17th St, Suite 4000 · Denver, CO 80202 [image: GovDelivery logo]
<https://subscriberhelp.granicus.com/>
-------------- Próxima Parte ----------
Um anexo em HTML foi limpo...
URL: <http://www.listas.unicamp.br/pipermail/security-l/attachments/20240409/f318e858/attachment.html>
Mais detalhes sobre a lista de discussão SECURITY-L