Fortinet hit by another exploited cybersecurity flaw

SQL injection a top app security issue: Beauceron’s Shipley underscored the dangers of SQL injection, pointing out that the vulnerability was the first on the OWASP top 10 application security risks when the open source foundation was launched more than 20 years ago. The attack type has remained in the top spot for most of that time, “for good reason.”

“You don’t want these kinds of bugs to lead to remote code execution, [but] in multi-site setups of this service, that’s what you can get,” said Shipley.

Victor Okorie, advisory director in the security and privacy practice at Info-Tech Research Group, agreed with Shipley’s assessment that SQL injection vulnerabilities are particularly dangerous. Most existing controls do not catch flaws like this, he pointed out, allowing for credential theft, enabling lateral movement due to the “implicit trust” of the EMS, and permitting manipulation and exfiltration of sensitive data. Attackers can execute unauthorized commands and bypass authentication completely, “which makes getting in a breeze.”

“The bad actor’s playbook consists of ‘get in,’ ‘take control,’ and ‘profit,’ and this is something we should always remember when reviewing vulnerabilities being exploited in the wild,” said Okorie.

Highlights importance of zero trust: Fortinet has been a prime target for threat actors of late, with attackers using AI to exploit weakly protected firewalls, launching zero-day attacks against customer devices, and stealing FortiGate firewall credentials. The company has also been criticized for “silent” patching after disclosing zero-day vulnerabilities in some of its equipment. All told, the US Cybersecurity and Infrastructure Security Agency (CISA) lists 24 Fortinet vulnerabilities actively being exploited.

This highlights the importance of a zero-trust architecture, said Okorie. Organizations should check whether their EMS is internet-facing, he advised; if it is, they should remove it from direct exposure to the internet and place it behind a secure access gateway. Enterprises should also inspect HTTP traffic logs for anomalous SQL syntax embedded within the ‘Site’ header.

“Old dogs don’t really need new tricks, and that can be applicable here,” said Okorie. Because Fortinet vulnerabilities have been used in ransomware campaigns, “there is a sense of familiarity” for attackers, who continue to identify and exploit weaknesses.
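
An added example (not from the article, from Fortinet, or from the analysts quoted) of the log check Okorie recommends: a Python scan over constructed HTTP access-log lines that flags SQL syntax in the ‘Site’ header. The log line format, the site-name policy and the sample lines are assumptions, not Fortinet’s real formats.

```python
import re
from dataclasses import dataclass

# Assumed (constructed) log line format, one request per line:
#   <timestamp> src=<ip> path=<uri> site="<Site header value>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) src=(?P<src>\S+) path=(?P<path>\S+) site="(?P<site>[^"]*)"$'
)

# Assumption: a legitimate EMS site name is a short alphanumeric label.
# Anything outside this character set is worth a second look on its own.
BENIGN_SITE_RE = re.compile(r"^[A-Za-z0-9 ._-]{1,64}$")

# SQL metacharacters and keywords that have no business in a site name.
# Starting point only; tune the keyword list against your own site names.
SQL_HINT_RE = re.compile(
    r"(['\";]|--|/\*"
    r"|\b(union|select|insert|update|delete|drop|waitfor|sleep|benchmark)\b"
    r"|\b(or|and)\b\s*[\d'\"]+\s*=)",
    re.IGNORECASE,
)

@dataclass
class Finding:
    ts: str
    src: str
    site: str
    reasons: list

def inspect_site_header(site: str) -> list:
    """Return the reasons a Site header value looks anomalous (empty if clean)."""
    reasons = []
    if not BENIGN_SITE_RE.match(site):
        reasons.append("unexpected characters or length")
    m = SQL_HINT_RE.search(site)
    if m:
        reasons.append(f"SQL syntax: {m.group(0)!r}")
    return reasons

def scan_log(lines) -> list:
    """Parse log lines and return a Finding for each anomalous Site header."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # lines in another format are skipped, not flagged
        reasons = inspect_site_header(m["site"])
        if reasons:
            findings.append(Finding(m["ts"], m["src"], m["site"], reasons))
    return findings

# Constructed sample: two ordinary site names, two with SQL syntax, one junk line.
SAMPLE_LOG = [
    '2025-10-01T12:00:01Z src=10.0.0.5 path=/api/v1/status site="Default"',
    '2025-10-01T12:00:02Z src=10.0.0.9 path=/api/v1/status site="HQ-Site 01"',
    '2025-10-01T12:00:03Z src=198.51.100.7 path=/api/v1/status site="Default\' OR \'1\'=\'1"',
    '2025-10-01T12:00:04Z src=198.51.100.7 path=/api/v1/status site="x\' UNION SELECT 1,2--"',
    "not a request line",
]

if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f.ts, f.src, repr(f.site), "; ".join(f.reasons))
```

Feed it real access logs by adapting LINE_RE to the format your gateway or web server actually emits; the header check itself does not change.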

Fortinet must be ‘more proactive’: “Fortinet seems to have an issue resolving entire bug classes,” added Beauceron’s Shipley. They seem to keep playing “bug whack-a-mole,” fixing the immediate problem but not taking the time to review codebases in depth to uncover the same flawed code in other areas.

“Attackers, on the other hand, smell blood,” he noted. Once they find this kind of bug repeated, they will refine their hacking attempts to discover more instances of it.

With AI tools speeding up attackers’ work, Fortinet must be more proactive on bug hunts, said Shipley. That being said, he observed, the company’s revenue continued to grow in 2025 by more than 14%, “so the market isn’t exactly sending a strong signal that they should care [about this] more.”

First seen on csoonline.com

Jump to article: www.csoonline.com/article/4152117/fortinet-hit-by-another-exploited-cybersecurity-flaw.html
