The recently exploited vulnerability in Fortinet's FortiOS, identified as CVE-2024-23113, is a critical remote code execution (RCE) flaw. This vulnerability is caused by an issue in the fgfmd daemon, which manages authentication requests and keep-alive messages between FortiGate and FortiManager. Specifically, it involves the daemon accepting an externally

Advisory ID: CVE-2024-43572 Release Date: October 2024 Severity: Critical Affected Software: Windows Management Console Description The vulnerability in the Windows Management Console (WMC) could allow an attacker to execute arbitrary code by exploiting improper input validation. Successful exploitation may enable an attacker to run commands with elevated privileges or install

Summary A critical vulnerability known as "UnOAuthorized" has been discovered in Microsoft Entra ID (formerly Azure Active Directory). This vulnerability allows attackers with specific administrative roles, such as Application Administrator or Cloud Application Administrator, to escalate their privileges to Global Administrator. This escalation is made possible due to