CVE-2022-23441

A use of hard-coded cryptographic key vulnerability CWE-321 in FortiEDR versions 5.0.2, 5.0.1, 5.0.0, 4.0.0 may allow an unauthenticated attacker on the network to disguise as and forge messages from other collectors...

EUVD-2023-48607

Malicious code in bioql PyPI...

CVE-2022-39949

An improper control of a resource through its lifetime vulnerability CWE-664 in FortiEDR CollectorWindows 4.0.0 through 4.1, 5.0.0 through 5.0.3.751, 5.1.0 may allow a privileged user to terminate the FortiEDR processes with special tools and bypass the EDR protection...

The vulnerability of the protection mechanism for detecting and responding to security threats at FortiEDR endpoints lies in the use of a strictly encrypted cryptographic key. This allows attackers to gain unauthorized access to the protected information.

The vulnerability of the security tool for detecting and responding to security threats at end points in FortiEDR is related to the use of a strictly encrypted cryptographic key. Exploiting this vulnerability allows an attacker operating remotely to gain unauthorized access to protected informati...