Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Holiday badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDevSec
- FortiDeceptor
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiHypervisor
- FortiGuard
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
- Fortinet Community
- Knowledge Base
- FortiRecon
- Outbreak Alert: Palo Alto Expedition Missing Authe...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
|
FortiRecon Digital Risk Protection (DRP), a SaaS-based service, includes External Attack Surface Management, Brand Protection, and Adversary Centric Intelligence. Adversary Centric Intelligence (ACI): leverages FortiGuard Threat Analysis to provide comprehensive coverage of dark web, open-source, and technical threat intelligence, including threat actor insights to enable organizations to respond proactively assess risks, respond faster to incidents, better understand their attackers, and guard assets. The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.
|
|
| CVE ID | CVE-2024-9465 |
| CVE Title | An SQL injection vulnerability in Palo Alto Networks Expedition allows... |
| NVD Severity | CRITICAL |
| FortiRecon Severity | MEDIUM |
| FortiRecon Score | 69/100 |
| Exploited | No |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | No |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 2 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 1 (لواء محمد ﷺ) |
| FortiRecon Intelligence Reporting(s) | 2 (OSINT) |
| Vendor Advisory: | |
| CVE ID | CVE-2024-9464 |
| CVE Title | An OS command injection vulnerability in Palo Alto Networks Expedition... |
| NVD Severity | MEDIUM |
| FortiRecon Severity | LOW |
| FortiRecon Score | 30/100 |
| Exploited | No |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | No |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 1 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 1 (لواء محمد ﷺ) |
| FortiRecon Intelligence Reporting(s) | 2 (OSINT), 1 (FortiGuard Research) |
| Vendor Advisory: |
| CVE ID | CVE-2024-9463 |
| CVE Title | An OS command injection vulnerability in Palo Alto Networks Expedition... |
| NVD Severity | HIGH |
| FortiRecon Severity | Medium |
| FortiRecon Score | 65/100 |
| Exploited | No |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | No |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 0 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 1 (لواء محمد ﷺ) |
| FortiRecon Intelligence Reporting(s) | 2 (OSINT) |
| Vendor Advisory: |
| CVE ID | CVE-2024-5910 |
| CVE Title | Palo Alto Expedition Missing Authentication Vulnerability |
| NVD Severity | Not Assigned |
| FortiRecon Severity | Critical |
| FortiRecon Score | 90/100 |
| Exploited | Yes |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | Yes |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 0 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 0 |
| FortiRecon Intelligence Reporting(s) | 2 (FortiGuard Research), 4 (OSINT) |
| Vendor Advisory: |
| Index | Fields |
|---|
| Alert Email | CVE ID | Action |
|---|
| CVE ID | CVE-2024-9467 |
| CVE Title | A reflected XSS vulnerability in Palo Alto Networks Expedition enables... |
| NVD Severity | MEDIUM |
| FortiRecon Severity | LOW |
| FortiRecon Score | 0/100 |
| Exploited | No |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | No |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 0 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 0 |
| FortiRecon Intelligence Reporting(s) | 1 (OSINT) |
| Vendor Advisory: |
| Index | Fields |
|---|
| Alert Email | CVE ID | Action |
|---|
| CVE ID | CVE-2024-9466 |
| CVE Title | A cleartext storage of sensitive information vulnerability in Palo Alto... |
| NVD Severity | MEDIUM |
| FortiRecon Severity | LOW |
| FortiRecon Score | 15/100 |
| Exploited | No |
| Exploited by Ransomware Group(s) | No |
| Exploited by APT Group(s) | No |
| Included in CISA KEV List | No |
| Available working exploit(s) | 0 |
| Available POC exploit(s) | 1 |
| Darknet Mention(s) | 0 |
| Telegram Mention(s) | 0 |
| FortiRecon Intelligence Reporting(s) | 2 (OSINT) |
| Vendor Advisory: |
| Index | Fields |
|---|
| Alert Email | CVE ID | Action |
|---|
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.