Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)

This article has been indexed from Help Net Security

A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, Fortinet has warned. The vulnerability affects the solutions’ fgfmsd daemon, and could be triggered by senging a specially crafted request to the fgfm port of a vulnerable device. Fortinet has provided security updates to fix the flaw, as well as workarounds if updating is impossible. About FortiManager and FortiAnalyzer FortiManager is an operations … More

The post Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589) appeared first on Help Net Security.

Read the original article: Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!