Rewterz Threat Alert – Emotet – Active IOCs
June 9, 2022Rewterz Threat Alert – RedLine Stealer – Active IOCs
June 9, 2022Rewterz Threat Alert – Emotet – Active IOCs
June 9, 2022Rewterz Threat Alert – RedLine Stealer – Active IOCs
June 9, 2022Severity
High
Analysis Summary
CVE-2022-29060
Fortinet FortiDDoS could allow a remote attacker to bypass security restrictions, caused by use of a hard-coded cryptographic key in the FortiDDoS API. An attacker could exploit this vulnerability to retrieve the key from one device and sign JWT tokens for any device.
Impact
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-29060
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiDDoS 5.5.0
- Fortinet FortiDDoS 5.5.1
- Fortinet FortiDDoS 5.4.0
- Fortinet FortiDDoS 5.4.1
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.