Happy #PatchTuesday from **Fortinet**: <li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-422"; target="_blank" rel="nofollow noopener">FG-IR-24-422</a> CVE-2024-52966 (2.3 low) Disclosure of Logs of Devices not belonging to the Current ADOM from Log View</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-261"; target="_blank" rel="nofollow noopener">FG-IR-23-261</a> CVE-2023-40721 (6.7 medium) FortiOS / FortiProxy / FortiPAM / FortiSwitchManager - Format string vulnerability in CLI commands</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-300"; target="_blank" rel="nofollow noopener">FG-IR-24-300</a> CVE-2024-52968 (6.7 medium) Improper Authentication in FortiMonitor Agent</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-279"; target="_blank" rel="nofollow noopener">FG-IR-23-279</a> CVE-2024-40586 (6.7 medium) Improper access control to FortiSslvpnNamedPipe</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-311"; target="_blank" rel="nofollow noopener">FG-IR-24-311</a> CVE-2024-40585 (6.5 medium) Insertion of sensitive information into Event log</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-063"; target="_blank" rel="nofollow noopener">FG-IR-24-063</a> CVE-2024-27781 (7.1 high) Multiple Reflected and Stored Cross-Site Scripting</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-147"; target="_blank" rel="nofollow noopener">FG-IR-24-147</a> CVE-2024-36508 (6.0 medium) Multiple arbitrary file deletion in the CLI</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-438"; target="_blank" rel="nofollow noopener">FG-IR-24-438</a> CVE-2024-50567 and CVE-2024-50569 (7.2 high) OS Command Injections</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-220"; target="_blank" rel="nofollow noopener">FG-IR-24-220</a> CVE-2024-40584 (7.2 high) OS command injection in external connector</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-25-015"; target="_blank" rel="nofollow noopener">FG-IR-25-015</a> CVE-2025-24470 (8.6 high) Off-by-slash vulnerability in Nginx config</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-302"; target="_blank" rel="nofollow noopener">FG-IR-24-302</a> CVE-2024-40591 (8.8 high) Permission escalation due to an Improper Privilege Management</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-23-324"; target="_blank" rel="nofollow noopener">FG-IR-23-324</a> CVE-2024-27780 (3.1 low) Reflected XSS (cross site scripting) in incident page</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-160"; target="_blank" rel="nofollow noopener">FG-IR-24-160</a> CVE-2024-35279 (8.1 high) Stack buffer overflow in fabric service</li><li><a href="https://fortiguard.fortinet.com/psirt/FG-IR-24-094"; target="_blank" rel="nofollow noopener">FG-IR-24-094</a> CVE-2024-33504 (4.1 medium) Use of Hard-coded Cryptographic Key to encrypt sensitive data</li>
Fortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of [exploitation](https://infosec.press/screaminggoat/vendor-verbiage ).
#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity
Not Simon 🐐
npub14g…xznd6
2025-02-11 17:45:27 UTC
in reply to nevent1q…cg8g
Author Public Key
npub14g0mj0fmn0sepfuhp2wupyk7d8xyz7rezpmrx2gfsav9vxlwxypq4xznd6Seen on
wss://relay.momostr.pinkPublished at
2025-02-11 17:45:27 UTCEvent JSON
{
"id": "71d04e4990009ac0502721a3c046e38944a37ef6ed147b1f4836236f62841417",
"pubkey": "aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102",
"created_at": 1739295927,
"kind": 1,
"tags": [
[
"e",
"31fe37ea949b57016a89374d925f929ecde46d422c5a8766798f44cca5e9704a",
"",
"root",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"t",
"cve"
],
[
"t",
"fortiproxy"
],
[
"t",
"vulnerability"
],
[
"t",
"fortinet"
],
[
"e",
"fab7118cfcd4935408e3d076e0386ce77d04ff2d4ec101e14a76825b865e274e",
"",
"reply",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"p",
"aa1fb93d3b9be190a7970a9dc092de69cc41787910763329098758561bee3102"
],
[
"t",
"fortios"
],
[
"t",
"patchtuesday"
],
[
"t",
"infosec"
],
[
"t",
"cybersecurity"
],
[
"t",
"fortiswitchmanager"
],
[
"proxy",
"https://infosec.exchange/@screaminggoat/113986497919466758",
"web"
],
[
"proxy",
"https://infosec.exchange/users/screaminggoat/statuses/113986497919466758",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://infosec.exchange/users/screaminggoat/statuses/113986497919466758",
"pink.momostr"
],
[
"-"
]
],
"content": "Happy #PatchTuesday from **Fortinet**: \u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-422\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-422\u003c/a\u003e CVE-2024-52966 (2.3 low) Disclosure of Logs of Devices not belonging to the Current ADOM from Log View\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-23-261\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-23-261\u003c/a\u003e CVE-2023-40721 (6.7 medium) FortiOS / FortiProxy / FortiPAM / FortiSwitchManager - Format string vulnerability in CLI commands\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-300\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-300\u003c/a\u003e CVE-2024-52968 (6.7 medium) Improper Authentication in FortiMonitor Agent\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-23-279\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-23-279\u003c/a\u003e CVE-2024-40586 (6.7 medium) Improper access control to FortiSslvpnNamedPipe\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-311\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-311\u003c/a\u003e CVE-2024-40585 (6.5 medium) Insertion of sensitive information into Event log\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-063\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-063\u003c/a\u003e CVE-2024-27781 (7.1 high) Multiple Reflected and Stored Cross-Site Scripting\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-147\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-147\u003c/a\u003e CVE-2024-36508 (6.0 medium) Multiple arbitrary file deletion in the CLI\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-438\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-438\u003c/a\u003e CVE-2024-50567 and CVE-2024-50569 (7.2 high) OS Command Injections\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-220\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-220\u003c/a\u003e CVE-2024-40584 (7.2 high) OS command injection in external connector\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-25-015\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-25-015\u003c/a\u003e CVE-2025-24470 (8.6 high) Off-by-slash vulnerability in Nginx config\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-302\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-302\u003c/a\u003e CVE-2024-40591 (8.8 high) Permission escalation due to an Improper Privilege Management\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-23-324\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-23-324\u003c/a\u003e CVE-2024-27780 (3.1 low) Reflected XSS (cross site scripting) in incident page\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-160\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-160\u003c/a\u003e CVE-2024-35279 (8.1 high) Stack buffer overflow in fabric service\u003c/li\u003e\u003cli\u003e\u003ca href=\"https://fortiguard.fortinet.com/psirt/FG-IR-24-094\" target=\"_blank\" rel=\"nofollow noopener\"\u003eFG-IR-24-094\u003c/a\u003e CVE-2024-33504 (4.1 medium) Use of Hard-coded Cryptographic Key to encrypt sensitive data\u003c/li\u003e\n\nFortinet downplays the CVSSv3.1 score by listing temporal only, I have listed base score instead. No mention of [exploitation](https://infosec.press/screaminggoat/vendor-verbiage ).\n\n#fortinet #fortios #fortiproxy #fortiswitchmanager #cve #vulnerability #infosec #cybersecurity",
"sig": "0f18454a49f67708702882d8b9e4ac8d08527424ea7656347df8968dcfab77a4b05558505ca5c86ed71c10ffc84df2f25741c0c1cc93561a6610d46596de82c3"
}