Headline
CVE-2020-15936: Fortiguard
An improper input validation vulnerability in Fortinet FortiGate version 6.4.3 and below, version 6.2.5 and below, version 6.0.11 and below, version 5.6.13 and below allows an attacker to disclose sensitive information via SNI Client Hello TLS packets.
PSIRT Advisories
FortiOS - Bypassing FortiGate security profiles via SNI in Client Hello
Summary
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiOS may allow a privileged attacker to disclose sensitive information via SNI Client Hello TLS packets.
Affected Products
FortiOS version 6.4.3 and below
FortiOS version 6.2.5 and below
FortiOS version 6.0.11 and below
Solutions
Given that there is no systematic way to detect all exfiltration attempts and to exhaustively enumerate all possibilities offered by exfiltration channels, Fortinet has addressed the issue by releasing a set of signatures:
- Python/SNICat.A!exploit: https://www.fortiguard.com/encyclopedia/virus/10069638
- SNIcat.Data.Exfiltration.Tool: https://www.fortiguard.com/encyclopedia/ips/50952
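To show where the SNI value sits in a Client Hello and how a monitor could triage it, the Python below parses the `server_name` extension and applies a simple length/entropy check to the leftmost label. It is an added example, not Fortinet's signature logic or code from the advisory; the function names, the thresholds and the heuristic itself are assumptions, and the Client Hello bytes are constructed test input.

```python
import math
import struct
from collections import Counter

def extract_sni(record: bytes):
    """Return the host_name from a TLS ClientHello record, or None."""
    try:
        if record[0] != 0x16:                          # not a handshake record
            return None
        hs = record[5:5 + struct.unpack("!H", record[3:5])[0]]
        if hs[0] != 0x01:                              # not a ClientHello
            return None
        p = 4 + 2 + 32                                 # header, version, random
        p += 1 + hs[p]                                 # session_id
        p += 2 + struct.unpack("!H", hs[p:p + 2])[0]   # cipher_suites
        p += 1 + hs[p]                                 # compression_methods
        end = p + 2 + struct.unpack("!H", hs[p:p + 2])[0]
        p += 2
        while p + 4 <= end:                            # walk the extensions
            etype, elen = struct.unpack("!HH", hs[p:p + 4])
            body = hs[p + 4:p + 4 + elen]
            if etype == 0 and body[2] == 0:            # server_name, host_name
                nlen = struct.unpack("!H", body[3:5])[0]
                return body[5:5 + nlen].decode("ascii", "replace")
            p += 4 + elen
    except (IndexError, struct.error):                 # truncated or malformed
        return None

def entropy(s: str) -> float:  # Shannon entropy, bits per character
    return -sum(c / len(s) * math.log2(c / len(s)) for c in Counter(s).values())

def is_suspicious(sni: str, max_len: int = 30, max_bits: float = 3.5) -> bool:
    """Assumed heuristic: long or high-entropy leftmost label."""
    label = sni.split(".")[0]
    return len(label) > max_len or (len(label) >= 16 and entropy(label) > max_bits)

def build_client_hello(sni: str) -> bytes:
    """Constructed minimal ClientHello carrying only an SNI extension."""
    name = sni.encode("ascii")
    ext = struct.pack("!HBH", len(name) + 3, 0, len(name)) + name
    exts = struct.pack("!HH", 0, len(ext)) + ext
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":  # constructed sample hostnames
    for host in ("www.example.com", "a1b2c3d4e5f6g7h8i9j0k1l2m3n4o5p6q7.example.net"):
        print(host, is_suspicious(extract_sni(build_client_hello(host))))
```

A heuristic like this only triages; as the advisory notes, no check can enumerate every exfiltration encoding, so it complements the signatures rather than replacing them.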
References
- https://community.fortinet.com/t5/FortiGate/Technical-Tip-Bypassing-FortiGate-web-filter-profile-by-using/ta-p/200212