Finaxiome - security bulletins

From the day before yesterday: Main feed

Microsoft Bug Bounty Programs Year in Review: $13.7M in Rewards

11 August 2022 at 18:00
By: msrc
The Microsoft Bug Bounty Programs and partnerships with the global security research community are important parts of Microsoft’s holistic approach to defending customers against security threats. Our bounty programs incentivize security research in high-impact areas to stay ahead of the ever-changing security landscapes, emerging technology, and new threats. Security Researchers help us secure millions of …

Security Update Guide Notification System News: Create your profile now

9 August 2022 at 19:20
By: msrc
Sharing information through the Security Update Guide (SUG) is an important part of our ongoing effort to help customers manage security risks and keep systems protected. In January 2022 we introduced Phase One of a new way for customers to receive email notifications about new Microsoft product security content using any email address, not just …

Congratulations to the MSRC 2022 Most Valuable Researchers!

8 August 2022 at 19:30
By: msrc
The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this year’s top 100 Most Valuable Researchers (MVRs) based on the total number of points earned for each valid report. Congratulations …

Microsoft Office to publish symbols starting August 2022

8 August 2022 at 11:30
By: msrc
We are excited to announce that Microsoft Office will begin publishing Office symbols for Windows via the Microsoft Public Symbol Server on August 9th 2022. The publication of Office symbols is a part of our continuing investment to improve security and performance for customers and partners. Key Advantages for customers, partners, and Microsoft Security: Empowering …

FortiADC - Unverified password change over the GUI

An unverified password change vulnerability [CWE-620] in FortiADC may allow an authenticated attacker to bypass the Old Password check in the password change form for the account the attacker is logged into, or for other accounts except `admin` when the attacker has Read Write access on System, via a crafted HTTP request.

FortiOS, FortiProxy, FortiADC and FortiMail - Format string vulnerability in command line interpreter

A format string vulnerability [CWE-134] in the command line interpreter of FortiOS, FortiProxy, FortiADC, and FortiMail may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.

FortiOS - Inter-VDOM information leaking

An improper access control vulnerability [CWE-284] in FortiOS may allow an authenticated attacker with a restricted user profile to gather the checksum information about the other VDOMs via CLI commands.

FortiOS - XSS vulnerability observed in the authentication replacement pages

An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS may allow an unauthenticated remote attacker to perform a reflected cross-site scripting (XSS) attack in the captive portal authentication replacement page.

FortiEDR - Cross Site Scripting (XSS) vulnerabilities over the Management Console

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiEDR Central Manager may allow a remote authenticated attacker to perform a reflected cross-site scripting (XSS) attack by injecting a malicious payload into the Management Console through various endpoints.

FortiAnalyzer & FortiManager - OS command injection vulnerability in CLI

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiAnalyzer & FortiManager may allow an authenticated attacker to execute arbitrary shell code as the `root` user via `diagnose system` CLI commands.

FortiADC - Multiple SQL Injection vulnerabilities in the management interface

Multiple improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerabilities [CWE-89] in the FortiADC management interface may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

FortiAnalyzer/FortiManager/FortiOS/FortiProxy - stack-based buffer overflow via crafted CLI execute command

A buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability [CWE-120] in FortiAnalyzer, FortiManager, FortiOS and FortiProxy may allow a privileged attacker to execute arbitrary code or commands via crafted CLI `execute certificate remote`, `execute vpn certificate remote` and `execute restore image` operations with the TFTP protocol.

Multiple products - Integer overflow in dhcpd daemon

An integer overflow / wraparound vulnerability [CWE-190] in the FortiOS, FortiProxy, FortiSwitch, FortiRecorder, and FortiVoiceEnterprise dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd daemon, resulting in potential denial of service.

FortiDeceptor - Path traversal vulnerability

Multiple relative path traversal vulnerabilities [CWE-23] in the FortiDeceptor management interface may allow a remote and authenticated attacker to retrieve and delete arbitrary files from the underlying filesystem via specially crafted web requests.

FortiOS & FortiProxy - Stack-based buffer overflows in diagnostic CLI commands

A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS and FortiProxy may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.

FortiManager & FortiAnalyzer - Privilege escalation vulnerability

A privilege chaining vulnerability [CWE-268] in FortiManager and FortiAnalyzer may allow a local and authenticated attacker with a restricted shell to escalate their privileges to root due to incorrect permissions of some folders and executable files on the system.

FortiNAC - Unprotected MySQL root account

An empty password in configuration file vulnerability [CWE-258] in FortiNAC may allow an authenticated attacker to access the MySQL databases via the CLI.

FortiClient (Windows) - Privilege Escalation via directory traversal attack

A relative path traversal vulnerability [CWE-23] in FortiClient for Windows may allow a local unprivileged attacker to escalate their privileges to SYSTEM via the named pipe responsible for the FortiESNAC service.

FortiAuthenticator - XSS vulnerability in OWA login page

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiAuthenticator OWA Agent may allow an unauthenticated attacker to perform an XSS attack via crafted HTTP GET requests.