CVE-2023-36635 - Exploiting Improper Access Control in Fortinet FortiSwitchManager — From Read-Only to Configuration Changes
CVE-2023-36635 is a recently disclosed vulnerability that directly affects Fortinet FortiSwitchManager—an essential piece of software often responsible for the configuration and management of FortiSwitches
CVE-2022-22305 - Unpacking Fortinet’s Certificate Validation Flaw for FortiManager, FortiAnalyzer, FortiOS, and FortiSandbox
In April 2022, a critical vulnerability—*CVE-2022-22305*—was uncovered in several products from Fortinet, a leading provider of cybersecurity solutions. This post will break down
CVE-2023-29182 - Understanding the FortiOS Stack-Based Buffer Overflow Vulnerability
*Published: June 2024*
Summary
CVE-2023-29182 is a serious stack-based buffer overflow vulnerability (CWE-121) affecting several versions of Fortinet’s FortiOS, the operating system powering FortiGate
CVE-2021-43072 - Buffer Overflow in Fortinet FortiAnalyzer, FortiManager, FortiOS, and FortiProxy – Details, Code, and Exploitation
In late 2021, security researchers and Fortinet discovered a serious vulnerability—CVE-2021-43072—that impacts several Fortinet products including FortiAnalyzer, FortiManager, FortiOS, and FortiProxy. This flaw
CVE-2022-22302 - Clear Text Storage of Fortinet Private Keys Exposes Apple Push & GCM Channels
In today's cyber landscape, keeping secret keys truly secret is foundational to digital security. But sometimes, critical lapses let attackers walk through the
Episode
00:00:00
00:00:00