Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
March 10, 2023Rewterz Threat Advisory – CVE-2022-22297 – Fortinet FortiWeb and Fortinet FortiRecorder Vulnerability
March 10, 2023Rewterz Threat Alert – DarkCrystal RAT (DCRat) – Active IOCs
March 10, 2023Rewterz Threat Advisory – CVE-2022-22297 – Fortinet FortiWeb and Fortinet FortiRecorder Vulnerability
March 10, 2023Severity
Medium
Analysis Summary
CVE-2023-25611 CVSS:4
Fortinet FortiAnalyzer could allow a remote authenticated attacker to execute arbitrary code on the system, caused by a CSV injection vulnerability. By putting spreadsheet formulas in macro names, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-23776 CVSS:4.6
Fortinet FortiAnalyzer could allow a remote authenticated attacker to obtain sensitive information. By making a log-fetch request, an attacker could exploit this vulnerability to obtain the client machine password in plain text and use this information to launch further attacks against the affected system.
Impact
- Code Execution
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2023-25611
- CVE-2023-23776
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiAnalyzer 6.4.4
- Fortinet FortiAnalyzer 6.4.5
- Fortinet FortiAnalyzer 6.4.6
- Fortinet FortiAnalyzer 7.0.0
- Fortinet FortiAnalyzer 7.2.0
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.