FortiRecon
FortiRecon is a digital risk protection (DRP) service that allows customers to gain visibility of their digital attack surface, receive targeted threat intelligence, and reduce organisational risk.
Bhumit_Mali
Staff
Staff
Article Id 252184

FortiRecon provides outside-in coverage for risks toward customers. 

  

External Attack Surface Management helps customers to identify exposure to known and unknown enterprise assets and associated vulnerabilities across the enterprise. 

  

The Vulnerability Intelligence Module under Adversary Centric Intelligence (ACI) provides a realistic view of the impact of the vulnerability based upon chatter and discussion of the same across various external sources such as Darkweb, social media, News / Blogs etc. 

CVE ID 

CVE-2023-29017

CVE Title 

Remote Code Execution Vulnerability In vm2 (version 3.9.14 and prior) Sandbox Module

CVE Severity 

Medium

ACI Reporting Coverage 

1 Report (OSINT) 

Additional References 

  • 2 public code repositories containing possible POC exploits for this vulnerability.
  • 45 mentions on social media for this vulnerability. 

EASM Scanner 

No 

 

 

CVE ID 

CVE-2022-36067

CVE Title 

Remote Code Execution Vulnerability In vm2 (version 3.9.10 and prior) Sandbox Module

CVE Severity 

Medium

ACI Reporting Coverage 

3 Reports (OSINT) 

Additional References 

  • 2 public code repositories containing possible POC exploits for this vulnerability.
  • 2 articles are referencing this CVE on the security blog. 
  • 241 mentions on social media for this vulnerability. 

EASM Scanner 

No 

 

 

CVE ID 

CVE-2023-29199

CVE Title 

 Node.js vm2 Module Code Execution

CVE Severity 

 Low

ACI Reporting Coverage 

 1 Report (OSINT)

Additional References 

  • 1 article referencing this CVE on the security blog. 
  • 215 mentions on social media for this vulnerability. 

EASM Scanner 

No 

 

 

CVE ID 

CVE-2023-30547

CVE Title 

 Node.js vm2 Module Code Execution

CVE Severity 

 Low

ACI Reporting Coverage 

1 Report (OSINT) 

Additional References 

  • 1 article referencing this CVE on the security blog. 
  • 115 mentions on social media for this vulnerability. 

EASM Scanner 

No