The Cisco and Fortinet brands are famous for their rock-solid stability supporting critical infrastructure networks. This is why when a vulnerability is discovered in their product lines, it’s imperative that IT departments act quickly in patching them.
Homeland Security has brought to our attention that several zero day vulnerabilities were announced in their product lines this week. You can bet that bad actors know that high value targets use Cisco and Fortinet and began scanning the web for weaknesses as soon as they were made public.
Full details on these vulnerabilities are available using the links below. Please be sure to patch your equipment ASAP if any of them apply to your infrastructure.
Cisco * CVE-2022-20812 and CVE-2022-20813: Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) (CVSS score: 9.0) * CVE-2022-20808: On-Prem Smart Software Manager)CVE-2022-20808: On-Prem Smart Software Manager (CVSS score: 7.4)
Fortinet * CVE-2021-43072 (CVSS score: 7.4) – Stack-based buffer overflow via crafted CLI execute command in FortiAnalyzer, FortiManager, FortiOS and FortiProxy * CVE-2021-41031 (CVSS score: 7.8) – Privilege Escalation via directory traversal attack in FortiClient for Windows * CVE-2022-30302 (CVSS score: 7.9) – Multiple path traversal vulnerabilities in FortiDeceptor management interface * CVE-2022-26117 (CVSS score: 8.0) – Unprotected MySQL root account in FortiNAC
Should the flaws be successfully exploited, it may allow an authenticated attacker to execute arbitrary code, retrieve and delete files, access databases, or even permit a local unprivileged actor to escalate to system level permissions.
I highly recommend you or your IT department review them.
Stay safe out there