all InfoSec news
CVE-2023-33299: Critical Remote Code Execution Vulnerability in FortiNAC
Cyber Exposure Alerts www.tenable.com
Fortinet has released a patch fixing a remote code execution vulnerability in several versions of FortiNAC
Background
On June 23, Fortinet published an advisory (FG-IR-23-074) that addresses a critical remote code execution vulnerability in FortiNAC, its Network Access Control solution:
CVE | Description | CVSSv3 | Severity |
---|---|---|---|
CVE-2023-33299 | Fortinet ForitNAC deserialization of untrusted data vulnerability | 9.6 | Critical |
In addition to CVE-2023-33299, Fortinet published an additional advisory (FG-IR-23-096) for a separate vulnerability in FortiNAC:
CVE | Description … |
---|
access access control addresses advisory code code execution control critical cve fortinac fortinet june network network access network access control patch remote code remote code execution severity solution vulnerability