FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
FortiRecon provides outside-in coverage for risks toward customers.
External Attack Surface Management helps customers to identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise.
The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc.
CVE ID
CVE-2023-29017
CVE Title
Remote Code Execution Vulnerability In vm2 (version 3.9.14 and prior) Sandbox Module
CVE Severity
Medium
ACI Reporting Coverage
1 Report (OSINT)
Additional References
2 public code repositories containing possible POC exploits for this vulnerability.
45 mentions on social media for this vulnerability.
EASM Scanner
No
CVE ID
CVE-2022-36067
CVE Title
Remote Code Execution Vulnerability In vm2 (version 3.9.10 and prior) Sandbox Module
CVE Severity
Medium
ACI Reporting Coverage
3 Reports (OSINT)
Additional References
2 public code repositories containing possible POC exploits for this vulnerability.
2 articles are referencing this CVE on the security blog.
241 mentions on social media for this vulnerability.
EASM Scanner
No
CVE ID
CVE-2023-29199
CVE Title
Node.js vm2 Module Code Execution
CVE Severity
Low
ACI Reporting Coverage
1 Report (OSINT)
Additional References
1 article referencing this CVE on the security blog.
215 mentions on social media for this vulnerability.
EASM Scanner
No
CVE ID
CVE-2023-30547
CVE Title
Node.js vm2 Module Code Execution
CVE Severity
Low
ACI Reporting Coverage
1 Report (OSINT)
Additional References
1 article referencing this CVE on the security blog.
115 mentions on social media for this vulnerability.
