Fortinet plugs RCE hole in FortiManager and FortiAnalyzer (CVE-2021-32589)

A vulnerability (CVE-2021-32589) in FortiManager and FortiAnalyzer could be exploited by remote, non-authenticated attackers to execute unauthorized / malicious code as root, Fortinet has warned. The vulnerability affects the solutions’ fgfmsd daemon, and could be triggered by senging a specially crafted request to the fgfm port of a vulnerable device.

Read full article on Help Net Security