Summary
Fortinet disclosed five vulnerabilities in its FortiSandbox platform, including four critical flaws that allow unauthenticated remote code execution. Threat intelligence reports indicate that attackers are actively exploiting these bugs to compromise security appliances and pivot into corporate networks.
Take Action:
If you run FortiSandbox, first make sure the appliance is isolated from the internet and its management interface is reachable only from trusted internal networks. Then immediately update to version 5.0.6 or 4.4.9 (or confirm your Cloud/PaaS is on 5.0.6+), The flaws are already being actively exploited and give attackers full control.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)