今年初修補的Fortinet RCE漏洞已遭濫用攻擊
支付動態 · 2024-10-11
美國網路安全暨基礎架構安全管理署(CISA)在10月9日發布安全公告,將Fortinet今年2月修補的重大風險漏洞CVE-2024-23113列入已知被濫用漏洞名單
遭到濫用的漏洞為CVE-2024-23113,它是一個存在FortiOS fgfmd精靈程式的格式化字串漏洞,攻擊者可透過操弄輸入的叫呼訊息格式觸發,而在未經授權情況下在FortiOS上執行任意程式碼或指令。本漏洞風險值達9.8。Fortinet已在今年2月修補完成。
CVE-2024-23113影響Fortinet多項產品,包括FortiOS、代理伺服器FortiProxy、特權存取管理FortiPAM及集中管理平臺FortiSwitchManager。CISA呼籲美國聯邦政府單位應立即採取防護措施。
CVE-2024-23113是CISA新增入已知被濫用漏洞名單的三項漏洞之一。另二項為Ivanti服務的SQL程式碼注入及OS指令注入漏洞,業者已在本周稍早公告透過10月份更新修補。
Popular articles
Across 6 Cities: HUIDU Invites You to 8 World Cup Parties Redefining High-Value Social Networking
HUIDU Focus
GGC Awards 2026 Shines in Colombo: Honoring Leaders and Innovators in the iGaming Industry
HUIDU Focus
HUIDU Invites You to Booth T70 at iGB L!VE 2026 — Let’s Ignite London This July!
HUIDU Focus
Gaming & Technology Expo Makes a Powerful Entrance in CDMX
Marketing
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
Online gambling, crypto pose ongoing money laundering risks in Philippines, analyst says
Southeast Asia
PropellerAds Shared a New iGaming Case Study: 97,674 Installs and 12,701 Deposits in 3 Months
Marketing
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
Kazakhstan plans to penalise online casino promotions
Regulation
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
GAT CDMX 2025 Institutional Academy: Leaders and Experts Analyze the Present and Future of the Gaming Industry in Mexico and Lat
Sports Game
New Jersey July Gambling Revenue Hits $606M, Sweeps Casinos Banned
Regulation
