Analytics Story: Fortinet FortiNAC CVE-2022-39952

Description

On Thursday, 16 February 2023, Fortinet released a PSIRT that details CVE-2022-39952, a critical vulnerability affecting its FortiNAC product (Horizon3.ai).

Why it matters

This vulnerability, discovered by Gwendal Guegniaud of Fortinet, allows an unauthenticated attacker to write arbitrary files on the system and as a result obtain remote code execution in the context of the root user (Horizon3.ai). Impacting FortiNAC, is tracked as CVE-2022-39952 and has a CVSS v3 score of 9.8 (critical). FortiNAC is a network access control solution that helps organizations gain real time network visibility, enforce security policies, and detect and mitigate threats. An external control of file name or path vulnerability CWE-73 in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system, reads the security advisory.

Detections

Name ▲▼ Technique ▲▼ Type ▲▼
Exploit Public-Facing Fortinet FortiNAC CVE-2022-39952 Exploit Public-Facing Application, External Remote Services TTP

Data Sources

Name ▲▼ Platform ▲▼ Sourcetype ▲▼ Source ▲▼
Palo Alto Network Threat Network icon Network pan:threat pan:threat

References


Source: GitHub | Version: 1