Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
October 6, 2023Rewterz Threat Alert – Microsoft Users Targeted by EvilProxy Phishing Kit Exploiting Indeed.com Vulnerability – Active IOCs
October 6, 2023Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
October 6, 2023Rewterz Threat Alert – Microsoft Users Targeted by EvilProxy Phishing Kit Exploiting Indeed.com Vulnerability – Active IOCs
October 6, 2023Severity
Medium
Analysis Summary
CVE-2021-44172
Fortinet FortiClientEMS could allow a remote attacker to obtain sensitive information, caused by a flaw in the sign-in homepage. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain environment variables information, and use this information to launch further attacks against the affected system.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2021-44172
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiClientEMS 6.2
- Fortinet FortiClientEMS 7.0.0
- Fortinet FortiClientEMS 7.0.4
- Fortinet FortiClientEMS 6.4
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.