Fortinet has identified a critical vulnerability impacting its FortiADC application delivery controller that has the potential for arbitrary code execution. This flaw, categorized as CVE-2022-39947 with a CVSS score of 8.6, affects several FortiADC versions, including 7.0.0 to 7.0.2, 6.2.0 to 6.2.3, and several earlier versions down to 5.4.0.
According to Fortinet’s advisory, the vulnerability stems from improper handling of special elements in OS command processing. An authenticated attacker with access to the web interface could exploit this weakness via crafted HTTP requests, allowing for unauthorized code execution. Such a scenario could reflect tactics outlined in the MITRE ATT&CK framework under initial access and execution techniques, indicating a pattern often leveraged in web-based attacks.
To mitigate the risks associated with this vulnerability, users are urged to update their systems to FortiADC versions 6.2.4 or 7.0.2 as soon as they are released. The threat is significant given the breadth of affected versions, which could leave many users vulnerable if not promptly addressed.
In addition to this, Fortinet’s January 2023 patches also remediate command injection vulnerabilities in FortiTester, further showcasing the ongoing need for vigilance in protecting against such threats.
Zoho Releases Security Patch for SQL Injection Vulnerability
Meanwhile, enterprise software provider Zoho has issued a security advisory urging users to upgrade to the latest versions of its Access Manager Plus, PAM360, and Password Manager Pro. This comes in response to a severe SQL injection (SQLi) vulnerability assigned the identifier CVE-2022-47523.
This critical flaw affects several versions of Zoho’s products and could enable attackers to execute arbitrary queries, jeopardizing the integrity of underlying databases. Although specific details about the vulnerability remain undisclosed, Zoho has confirmed that it has implemented additional validation measures and special character escaping to resolve this issue.
These incidents underscore the importance of timely security updates and robust defensive strategies within software applications. Both Fortinet and Zoho highlight the pressing need for organizations to remain proactive in addressing vulnerabilities, particularly in an environment where threat actors are constantly evolving their tactics.
Given the nature and implications of these vulnerabilities, business owners must prioritize the applicability of the MITRE ATT&CK framework. Understanding adversary tactics, such as privilege escalation and exploitation of existing vulnerabilities, can aid organizations in refining their cybersecurity measures and response strategies.
As cyber threats continue to escalate, staying informed and ensuring that systems are up to date will be paramount for organizations aiming to protect their assets from potential breaches. Following industry advisories and promptly applying patches will play a critical role in maintaining a robust cybersecurity posture against emerging threats.