Number: AV22-246
Date: 3 May 2022

On 3 May 2022 Fortinet published Security Advisories to address vulnerabilities in the following products:

  • FortiFone – version 3.0.11 and prior
  • FortiIsolator – version 2.3.2 and prior
  • FortiClientWindows – multiple versions

Exploitation of these vulnerabilities could lead to unauthorized access, remote code execution or privilege escalation.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

FortiFone – Multiple vulnerabilities in PJSIP library (FG-IR-22-007)

FortiIsolator – Unauthorized user able to regenerate CA certificate (FG-IR-21-040)

FortiFone – Privilege escalation in FortiClient installer (FG-IR-21-154)

Fortinet PSIRT Advisories

Source link