Fortinet Patches Critical RCE Vulnerability in FortiNAC â Source: www.securityweek.com>
Fortinet recently released patches to address a critical remote code execution (RCE) vulnerability in FortinAC, its software for controlling access to corporate networks. The issue affects versions of FortinAC up to and including version 6.4.4, and it was first discovered and reported to Fortinet by the Centre for Internet Security on June 23. According to Fortinetâs security advisory, attackers could exploit the vulnerability to inject and execute arbitrary code on affected systems. The RCE vulnerability was assigned a CVSS score of 10, making it the most severe security rating possible. Fortinet has already released patches for the new versions 6.4.5 and 6.3.5, and users should update their systems immediately to protect against malicious exploitation.
Link: https://ciso2ciso.com/fortinet-patches-critical-rce-vulnerability-in-fortinac-source-www-securityweek-com/