GRI

Fortinet Releases Security Updates for FortiOS and FortiProxy

News Cybersecurity English Guidance
Date: 9th Jan, 2024 Source: Cybersecurity and Infrastructure Security Agency Country: USA Original Source

Brief

Here is a summary of the provided document in 3-5 sentences:

The Cyber Defense Agency (CISA) issued an alert on January 9, 2024, regarding a security vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit the vulnerability to take control of an affected system. CISA recommends users and administrators review the security bulletin and apply necessary updates to address the issue.

U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov

A .gov website belongs to an official government organization in the United States.

HTTPS

Secure .gov websites use HTTPS

A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

America’s Cyber Defense Agency

Alert

Release Date

Fortinet has released a security update to address a vulnerability in FortiOS and FortiProxy software. A cyber threat actor could exploit this vulnerability to take control of an affected system.

CISA encourages users and administrators to review the FG-IR-23-315 FortiOS & FortiProxy – Improper authorization for HA requests security bulletin and apply necessary updates.

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.

Related Advisories

Highlights content goes here...

Summary:

On January 9, 2024, America’s Cyber Defense Agency (ACDA) issued an Alert regarding a critical security vulnerability in FortiOS and FortiProxy software. The vulnerability, disclosed by Fortinet, could allow a cyber threat actor to exploit the system and take control of an affected network.

The vulnerability, identified as FG-IR-23-315, is an improper authorization for High Availability (HA) requests. This flaw could be exploited by an attacker to gain unauthorized access to the system, subsequently compromising the network’s security and data integrity.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a security bulletin, urging users and administrators to review the vulnerability and apply necessary updates to mitigate the risk. It is crucial for those affected to take immediate action to protect their systems from potential attacks.

In addition to the security update, ACDA invites users to share their thoughts and feedback through their anonymous product survey, which has recently been updated. This opportunity is available for those who wish to contribute to the improvement of the agency’s products and services.

Related Advisories:

No additional advisories were mentioned in the document.

Cybersecurity and Infrastructure Security Agency

Quick Insight
RADA.AI
RADA.AI
Hello! I'm RADA.AI - Regulatory Analysis and Decision Assistance. Your Intelligent guide for compliance and decision-making. How can i assist you today?
Suggested
Related Documents
Reviewed supervisors overall applied the EBA’s recommendations on tax integrity and dividend arbitrage trading schemes, the EBA Report finds
Date: 6th Feb, 2025 Source: European Banking Authority (EBA) Country: European Union
News Tax & Compliance Guidance
CH403260 – Calculating penalties: special reduction: when to consider Special Reduction
Date: 6th Feb, 2025 Source: Her Majesty’s Revenue and Customs (HMRC) Country: United Kingdom
News Tax & Compliance Guidance
VAT Partial Exemption Guidance
Date: 6th Feb, 2025 Source: Her Majesty’s Revenue and Customs (HMRC) Country: United Kingdom
News Tax & Compliance Guidance

Form successfully submitted. One of our GRI rep will contact you shortly

Thanking You!

Click here

Enter your Email

Enter your registered username/email id.

Enter your Email

Enter your email id below to signup.

Enter your Email

Enter your email id below to signup.
Individual Plan
  • Designed for Growing Compliance Teams
$125 / month OR $1250 / year
Features
  • • Coverage for 20 jurisdictions
  • • Monitoring from 500+ regulatory authorities
  • • AI compliance summaries
  • • RaDa.ai : Single-Role
Best for: Researchers, Legal professionals, Academics
Subscribe Now
Enterprise Plan
  • Perfect for Global Enterprises
Contact for Pricing
Features
  • • Custom jurisdictional coverage
  • • Custom monitoring of regulatory authorities
  • • RaDa.ai : Customizable multi-role
  • • Custom reporting and dashboard capabilities
  • • API access for seamless integration
Best for: Law Firms, Corporations, Government Bodies
Contact Sales