Fortinet Addresses Critical Vulnerabilities Across Product Line: From Command Injection to DLL Hijacking
The US cybersecurity agency CISA updated its Known Exploited Vulnerabilities (KEV) catalog on Thursday to include flaws in Sophos, Oracle, and Microsoft products. Among these vulnerabilities, Fortinet disclosed a critical OS command injection vulnerability within the FortiSIEM report server, potentially enabling remote attackers to execute malicious commands via crafted API requests. FortiSIEM, Fortinet’s security information …