Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
January 6, 2023Rewterz Threat Advisory –CVE-2022-41336 – Fortinet FortiPortal Vulnerability
January 6, 2023Rewterz Threat Alert – North Korea Linked Konni APT Group – Active IOCs
January 6, 2023Rewterz Threat Advisory –CVE-2022-41336 – Fortinet FortiPortal Vulnerability
January 6, 2023Severity
Medium
Analysis Summary
CVE-2022-45857
Fortinet FortiManager could allow a remote authenticated attacker to bypass security restrictions, caused by an incorrect user management flaw in the n incorrect user management. By sending a specially-crafted request, an attacker could exploit this vulnerability to access a FortiGate without a password via newly created VDOMs after the super_admin profiled admin account is deleted
Impact
- Bypass Security
Indicators Of Compromise
CVE
- CVE-2022-45857
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiManager 6.2.0
- Fortinet FortiManager 7.0.0
- Fortinet FortiManager 6.4.0
- Fortinet FortiManager 7.0.1
- Fortinet FortiManager 6.4.7
- Fortinet FortiManager 6.2.8
Remediation
Refer to Fortinet Security Advisory for patch, upgrade or suggested workaround information.