Security
Headlines
HeadlinesLatestCVEs

Headline

New Vulnerabilities Disclosed in SonicWall and Fortinet Network Security Products

SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information. Of the 15 shortcomings (tracked from CVE-2023-34123 through CVE-2023-34137), four

The Hacker News
#sql#vulnerability#web#ios#rce#auth#ssl#The Hacker News

Network Security / Vulnerability

SonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authentication and access sensitive information.

Of the 15 shortcomings (tracked from CVE-2023-34123 through CVE-2023-34137), four are rated Critical, four are rated High, and seven are rated Medium in severity. The vulnerabilities were disclosed by NCC Group.

The flaws impact on-premise versions of GMS 9.3.2-SP1 and before and Analytics 2.5.0.4-R7 and before. Fixes are available in versions GMS 9.3.3 and Analytics 2.5.2.

“The suite of vulnerabilities allows an attacker to view data that they are not normally able to retrieve,” SonicWall said. “This might include data belonging to other users, or any other data that the application itself is able to access. In many cases, an attacker can modify or delete this data, causing persistent changes to the application’s content or behavior.”

The list of critical flaws is as follows -

  • CVE-2023-34124 (CVSS score: 9.4) - Web Service Authentication Bypass
  • CVE-2023-34133 (CVSS score: 9.8) - Multiple Unauthenticated SQL Injection Issues and Security Filter Bypass
  • CVE-2023-34134 (CVSS score: 9.8) - Password Hash Read via Web Service
  • CVE-2023-34137 (CVSS score: 9.4) - Cloud App Security (CAS) Authentication Bypass

The disclosure comes as Fortinet disclosed a critical flaw affecting FortiOS and FortiProxy (CVE-2023-33308, CVSS score: 9.8) that could enable an adversary to achieve remote code execution under certain circumstances. It said the issue was resolved in a previous release, without an advisory.

“A stack-based overflow vulnerability [CWE-124] in FortiOS and FortiProxy may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection,” the company said in an advisory.

UPCOMING WEBINAR

Shield Against Insider Threats: Master SaaS Security Posture Management

Worried about insider threats? We’ve got you covered! Join this webinar to explore practical strategies and the secrets of proactive security with SaaS Security Posture Management.

Join Today

Impacted products include FortiOS versions 7.2.0 through 7.2.3 and 7.0.0 through 7.0.10 as well as FortiProxy versions 7.2.0 through 7.2.2 and 7.0.0 through 7.0.9. The versions that plug the security hole are listed below -

  • FortiOS version 7.4.0 or above
  • FortiOS version 7.2.4 or above
  • FortiOS version 7.0.11 or above
  • FortiProxy version 7.2.3 or above, and
  • FortiProxy version 7.0.10 or above

It’s worth noting that the flaw does not impact all versions of FortiOS 6.0, FortiOS 6.2, and FortiOS 6.4, and FortiProxy 1.x and FortiProxy 2.x.

For customers who cannot apply the updates immediately, Fortinet is recommending that they disable HTTP/2 support on SSL inspection profiles used by proxy policies or firewall policies with proxy mode.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related news

Sonicwall GMS 9.9.9320 Remote Code Execution

This Metasploit module exploits a series of vulnerabilities - including auth bypass, SQL injection, and shell injection - to obtain remote code execution on SonicWall GMS versions 9.9.9320 and below.

CVE-2023-33308: Fortiguard

A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.

CVE-2023-34123

Use of Hard-coded Cryptographic Key vulnerability in SonicWall GMS, SonicWall Analytics. This issue affects GMS: 9.3.2-SP1 and earlier versions; Analytics: 2.5.0.4-R7 and earlier versions.

Update now! Microsoft patches a whopping 130 vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: Microsoft Tags: Adobe Tags: Apple Tags: Android Tags: Cisco Tags: Fortinet Tags: MOVEit Tags: Mozilla Tags: SAP Tags: VMware Tags: CVE-2023-32049 Tags: CVE-2023-35311 Tags: CVE-2023-32046 Tags: CVE-2023-36874 Tags: CVE-2023-36844 For the July 2023 Patch Tuesday, Microsoft has issued security updates for 130 vulnerabilities, four of which are known to have been actively exploited. (Read more...) The post Update now! Microsoft patches a whopping 130 vulnerabilities appeared first on Malwarebytes Labs.

The Hacker News: Latest News

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign