Fortra® Security & Trust Center

Emerging Threats

OS Command Injection Vulnerability in GlobalProtect Gateway

Fri, 04/12/2024
Fortra is investigating a command injection vulnerability in the GlobalProtect Gateway in Palo Alto PAN-OS – CVE-2024-3400. The command injection allows an unauthenticated attacker to execute code on the device with root privileges. The vendor has announced mitigations for this vulnerability and is actively working on patches that are scheduled to be released on 04/14/2024.
Security Advisory

Privilege Escalation in Robot Schedule Enterprise Agent for Windows prior to version 3.04

Thu, 03/28/2024
Fortra's Robot Schedule Enterprise Agent for Windows prior to version 3.04 is susceptible to privilege escalation. A low-privileged user can overwrite the service executable. When the service is restarted, the replaced binary runs with local system privileges, allowing a low-privileged user to gain elevated privileges.
FI-2024-005
Critical
CVE-2024-0259
Security Advisory

Path Traversal in GoAnywhere MFT 7.4.1 and Earlier

Thu, 03/14/2024
A path traversal vulnerability exists in GoAnywhere MFT prior to 7.4.2 which allows attackers to circumvent endpoint-specific permission checks in the GoAnywhere Admin and Web Clients. Using a crafted URL, an unauthorized user may access pages within GoAnywhere. This may lead to information disclosure. In non-default configurations it may also allow web user self-registration in some...
FI-2024-004
Medium
CVE-2024-25156
Patch Tuesday
Blog

Patch Tuesday Update March 2024

By Tyler Reguly on Thu, 03/14/2024
This month’s Patch Tuesday drop includes a total of 65 CVEs – 61 issues by Microsoft, 3 issued by Chrome, and 1 issued by Intel. For those worried about the Intel update, which requires you apply both an Intel microcode update and a Microsoft update, it only applies to Atom processors.
Security Advisory

Multiple Vulnerabilities in FileCatalyst Direct

Wed, 03/13/2024
A pair of vulnerabilities exist within FileCatalyst Direct 3.8.8 and earlier. See the vulnerability descriptions below for additional details.
FI-2024-003
Medium
CVE-2024-25154
Security Advisory

Directory Traversal in FileCatalyst Workflow

Wed, 03/13/2024
A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be uploaded outside of the intended ‘uploadtemp’ directory with a specially crafted POST request. In situations where a file is successfully uploaded to web portal’s DocumentRoot, specially crafted JSP files could be used to execute code, including web shells.
FI-2024-002
Critical
CVE-2024-25153
Emerging Threats

JetBrains TeamCity Authentication Bypass

Tue, 03/05/2024
Fortra is investigating an authentication bypass vulnerability in JetBrains TeamCity – CVE-2024-27198. The authentication bypass allows an attacker to create an authentication token, which can then be used to perform remote code execution. The vendor has released an update to mitigate this vulnerability.Who is affected?All versions prior to JetBrains TeamCity 2023.11.4 are vulnerable to CVE-2024...
Emerging Threats

ConnectWise ScreenConnect Vulnerabilities

Wed, 02/28/2024
Fortra is investigating two vulnerabilities in ConnectWise ScreenConnect – CVE-2024-1708 and CVE-2024-1709 – which are being actively exploited in the wild. These vulnerabilities can allow an attacker to execute remote code or directly impact confidential data or critical systems. Customers using any on-premise version of ScreenConnect below 23.9.8 are recommended to update immediately.Who is...