Shielding Against CVE-2023-27997
During a red team assessment for a client, Charles Fol and Dany Bach from LEXFO, discovered a heap overflow bug in Fortigate’s SSL VPN that can be exploited to achieve remote code execution on Fortigate instances. This vulnerability is reachable without authentication, and can be used to execute arbitrary code on vulnerable systems, which could […]
Shielding Against CVE-2021-44228 IOCs
On December 9th, the CVE-2021-44228 Apache Log4j RCE was released publicly. Before the threats were made public, Centripetal CleanINTERNET shielded this threat proactively and saved our customers valuable time, reputation, and the risk of non-compliance by preventing any compromise associated with this vulnerability. Many organizations are likely to be impacted by this vulnerability without understanding […]
