Vulnerabilities Found in the Information Infrastructure of More Than 10 Organizations in the Republic of Uzbekistan Using “FORTINET” Products

UZCERT has identified these vulnerabilities in the information infrastructure of more than 10 organizations located in the Republic of Uzbekistan. We request government agencies and other organizations using “FORTINET” products to follow the recommendations below to mitigate these vulnerabilities:

Update the Software: Upgrade to FortiOS version 7.0.17 or higher and FortiProxy version 7.2.13 or higher.
Restrict Access: Disable HTTP/HTTPS management interfaces or allow access only from trusted IP addresses.
Monitor the Network: Pay attention to signs such as unauthorized account creation or changes to firewall settings.
Update User Logins and Passwords: Set a strong password for the administrator account and implement mechanisms to prevent unlimited requests during the authentication process.

User Password Requirements:

The password must be at least 8 characters long;
It must include Latin letters (A-z), numbers (0-9), and special characters;
The alphabetic part of the password must include both uppercase and lowercase letters;
At least one special character must be used in the password ( . , : ; ? ! * + % – @ _ $ # ).

Computer Emergency
Response Team

Computer Emergency
Response Team

Vulnerabilities Found in the Information Infrastructure of More Than 10 Organizations in the Republic of Uzbekistan Using “FORTINET” Products

Malware is Being Spread to macOS and Windows Systems via 10,000 WordPress Sites

Hellcat Ransomware: Attacks on Organizations via the RaaS Model Are on the Rise

Hackers Exploit New Zyxel Vulnerability to Execute Arbitrary Commands Remotely