Fortinet’s security appliances hit by remote code execution vulnerability

Security appliance slinger Fortinet has warned of a critical vulnerability in its own FortiGate products which can be exploited to allow unauthenticated attackers full control over the target system – providing a particular daemon is enabled. The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and sent to Fortinet privately for responsible disclosure, lies in the FortiManager and FortiAnalyzer software running atop selected models in the company’s FortiGate security appliance family.

Read full article on The Register