{"id":21606,"date":"2021-04-07T10:47:19","date_gmt":"2021-04-07T02:47:19","guid":{"rendered":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/?p=21606"},"modified":"2024-05-09T03:23:17","modified_gmt":"2024-05-08T19:23:17","slug":"%e3%80%90%e6%bc%8f%e6%b4%9e%e8%ad%a6%e8%a8%8a%e3%80%91%e7%be%8e%e5%9c%8b%e6%94%bf%e5%ba%9c%e8%ad%a6%e5%91%8afortinet%e8%bb%9f%e9%ab%94%e6%bc%8f%e6%b4%9e%e6%81%90%e9%81%ad%e5%9c%8b%e5%ae%b6%e9%a7%ad","status":"publish","type":"post","link":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/archives\/21606","title":{"rendered":"\u3010\u6f0f\u6d1e\u8b66\u8a0a\u3011\u7f8e\u570b\u653f\u5e9c\u8b66\u544aFortinet\u8edf\u9ad4\u6f0f\u6d1e\u6050\u906d\u570b\u5bb6\u99ed\u5ba2\u958b\u63a1\u3002\u8acb\u5b78\u6821\u7d44\u9577\u5011\u6ce8\u610f\uff0c\u5982\u6709\u4f7f\u7528fortinet\u8a2d\u5099\uff0c\u8a18\u5f97\u8981\u66f4\u65b0\u97cc\u9ad4\u3002"},"content":{"rendered":"

\u7f8e\u570b\u653f\u5e9c\u8b66\u544aFortinet\u8edf\u9ad4\u6f0f\u6d1e\u6050\u906d\u570b\u5bb6\u99ed\u5ba2\u958b\u63a1<\/h3>\n

\u5f71\u97ff\u7248\u672c:<\/p>\n

CVE-2018-13379<\/p>\n

Fortinet FortiOS\u00a06.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12<\/p>\n

CVE-2020-12812<\/p>\n

FortiOS\u00a06.4.0, 6.2.0 to 6.2.3, 6.0.9<\/p>\n

\n

FBI\u53caCISA\u767c\u73fe\u6709\u570b\u5bb6\u652f\u6301\u7684\u99ed\u5ba2\u7d44\u7e54\uff0c\u6b63\u5728\u91dd\u5c0d\u5c1a\u672a\u4fee\u88dcFortinet\u8edf\u9ad4\u5df2\u77e5\u6f0f\u6d1e\u7684\u4f7f\u7528\u55ae\u4f4d\u767c\u52d5\u6ef2\u900f\u653b\u64ca<\/p>\n

\u570b\u5bb6\u99ed\u5ba2\u5a01\u8105\u4e0d\u65b7\uff0c\u7e7cSolarWinds\u3001\u5fae\u8edfExchange Server\u4e4b\u5f8c\uff0c\u7f8e\u570b\u653f\u5e9c\u5468\u672b\u8b66\u544a\uff0c\u7db2\u8def\u5b89\u5168\u8a2d\u5099\u5546Fortinet\u8edf\u9ad4\u4e09\u9805\u6f0f\u6d1e\u6b63\u906d\u570b\u5bb6\u652f\u6301\u7684\u99ed\u5ba2\u6383\u7784\u53ca\u958b\u63a1\uff0c\u9810\u793a\u672a\u4f86\u7684\u653b\u64ca\u884c\u52d5\u3002<\/p>\n

\u7f8e\u570b\u806f\u90a6\u8abf\u67e5\u5c40\uff08FBI\uff09\u53ca\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u67b6\u69cb\u5b89\u5168\u7ba1\u7406\u7f72\uff08CISA\uff09\u6307\u51fa\uff0c\u4ed6\u5011\u89c0\u5bdf\u5230\u4e00\u500b\u9032\u968e\u6ef2\u900f\u5a01\u8105\uff08Advanced Persistent Threat\uff0cAPT\uff09\u7d44\u7e54\u6b63\u5728\u6383\u7784Fortinet\u7684\u50b3\u8f38\u57e04443\u30018443\u300110443\uff0c\u5c0b\u627e\u4f5c\u696d\u7cfb\u7d71\u8edf\u9ad4FortiOS\u4e0a\u7684\u6f0f\u6d1eCVE-2018-13379\uff0c\u4e26\u91dd\u5c0dFortinet\u88dd\u7f6e\u9032\u884c\u5217\u8209\u5206\u6790\uff08enumerate\uff09\uff0c\u4ee5\u958b\u63a1CVE-2019-5591\u548cCVE-2020-12812\u3002\u5df2\u6709\u591a\u5bb6\u653f\u5e9c\u3001\u5546\u696d\u7d44\u7e54\u53caISP\u906d\u5230\u9396\u5b9a\u3002<\/p>\n

\u4e09\u9805\u6f0f\u6d1e\u4e4b\u4e2d\uff0cCVE-2018-13379\u5141\u8a31\u99ed\u5ba2\u89e3\u8b80\u7cfb\u7d71\u6a94\u6848\uff0c\u9032\u800c\u767c\u73fe\u5132\u5b58\u7684\u660e\u6587\u5bc6\u78bc\uff0c\u518d\u767b\u5165\u7cfb\u7d71\u3002CVE-2019-5591\u53ef\u8b93\u99ed\u5ba2\u5728\u5b50\u7db2\u57df\u4e0b\u8a2d\u7acb\u5047LDAP\u4f3a\u670d\u5668\u4f86\u6514\u622a\u91cd\u8981\u8cc7\u8a0a\uff0cCVE-2020-12812\u5247\u8b93\u653b\u64ca\u8005\u7e5e\u904e\u591a\u56e0\u7d20\u9a57\u8b49\uff0c\u800c\u548c\u4e3b\u7cfb\u7d71\u5efa\u7acbSSL VPN\u9023\u7dda\u3002<\/p>\n

\u50b3\u7d71\u4e0a\uff0cAPT\u99ed\u5ba2\u653b\u64ca\u5df2\u77e5\u91cd\u5927\u6f0f\u6d1e\uff0c\u53ef\u80fd\u7684\u884c\u52d5\u5305\u62ec\u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\uff08DDoS\uff09\u3001\u52d2\u7d22\u8edf\u9ad4\u3001\u8cc7\u6599\u96b1\u78bc\u653b\u64ca\u3001\u9b5a\u53c9\u5f0f\u91e3\u9b5a\u653b\u64ca\u3001\u7f6e\u63db\u7db2\u9801\u5716\u6587\u6216\u88fd\u9020\u5047\u8cc7\u8a0a\u3002<\/p>\n

\u5728FortiOS\u7684\u653b\u64ca\u4e2d\uff0cFBI\u53caCISA\u76f8\u4fe1APT\u653b\u64ca\u8005\u53ef\u80fd\u8a08\u756b\u5229\u7528\u5176\u4e2d\u4e4b\u4e00\u6216\u6240\u6709\u4e09\u9805\u6f0f\u6d1e\u99ed\u5165\u4f01\u696d\u591a\u7a2e\u57fa\u790e\u67b6\u69cb\u8a2d\u5099\uff0c\u85c9\u6b64\u5b58\u53d6\u4e3b\u8981\u7db2\u8def\uff0c\u518d\u4ee5\u6b64\u70ba\u8d77\u9ede\uff0c\u65e5\u5f8c\u767c\u52d5\u8cc7\u6599\u5916\u6d29\u6216\u8cc7\u6599\u52a0\u5bc6\u653b\u64ca\uff0c\u4ed6\u5011\u4e5f\u53ef\u80fd\u5229\u7528\u5176\u4ed6\u6f0f\u6d1e\u6216\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a\uff08spearphishing\uff09\u7b49\u5e38\u898b\u958b\u63a1\u624b\u6cd5\uff0c\u99ed\u5165\u57fa\u790e\u67b6\u69cb\u7db2\u8def\u70ba\u672a\u4f86\u884c\u52d5\u505a\u6e96\u5099\u3002<\/p>\n

\u53bb\u5e7411\u6708\u5b89\u5168\u5ee0\u5546\u5728\u99ed\u5ba2\u8ad6\u58c7\u4e0a\u767c\u73fe\uff0c\u6709\u4eba\u515c\u552e\u7d045\u842c\u500b\u542b\u6709CVE-2018-13379\u6f0f\u6d1e\u7684Fortinet SSL VPN IP\u4f4d\u5740\uff0c\u6975\u53ef\u80fd\u5f15\u767c\u9019\u6ce2\u653b\u64ca\u3002<\/p>\n

FBI\u548cCISA\u547c\u7c72\u653f\u5e9c\u53ca\u6c11\u9593\u7d44\u7e54\u61c9\u5118\u901f\u4fee\u88dc\u9019\u4e09\u9805\u6f0f\u6d1e\u3002\u82e5\u6c92\u6709\u4f7f\u7528FortiOS\u8005\uff0c\u5247\u61c9\u5c07FortiOS\u7684\u4e3b\u8981\u7522\u51fa\uff08artifact\uff09\u6a94\u6848\u52a0\u5165\u5c01\u9396\u6e05\u55ae\uff0c\u9632\u6b62\u4efb\u4f55\u5b89\u88dd\u6216\u57f7\u884c\u7a0b\u5f0f\u6216\u76f8\u95dc\u6a94\u6848\u7684\u884c\u70ba\u3002<\/p>\n

\u5176\u4ed6\u5efa\u8b70\u63aa\u65bd\u5247\u65e8\u5728\u9632\u6b62\u8cc7\u6599\u88ab\u522a\u6539\uff0c\u7cfb\u7d71\u88ab\u975e\u6cd5\u5b58\u53d6\u6216\u5b89\u88dd\u8edf\u9ad4\uff0c\u50cf\u662f\u505a\u597d\u8cc7\u6599\u5099\u4efd\u3001\u654f\u611f\u8cc7\u6599\u5fa9\u539f\u8a08\u756b\uff0c\u5be6\u884c\u7db2\u8def\u9694\u96e2\u3001\u95dc\u9589\u672a\u4f7f\u7528\u7684RDP\u50b3\u8f38\u57e0\uff0c\u9650\u5236\u4e3b\u8981\u7cfb\u7d71\u7684\u4fee\u6539\u3001\u522a\u9664\u53ca\u8edf\u9ad4\u5b89\u88dd\uff0c\u5b9a\u671f\u8b8a\u66f4\u5bc6\u78bc\uff0c\u7a3d\u6838\u7528\u6236\u5e33\u865f\u6b0a\u9650\u7b49\uff0c\u53ca\u4f7f\u7528\u591a\u56e0\u7d20\u9a57\u8b49\uff08multi-factor authentication\uff09\u3002<\/p>\n

CVE-2018-13379<\/p>\n

An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal\") in Fortinet FortiOS\u00a06.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12\u00a0under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests.<\/p>\n

CVE-2020-12812<\/p>\n

An improper authentication vulnerability in SSL VPN in FortiOS\u00a06.4.0, 6.2.0 to 6.2.3, 6.0.9\u00a0and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username.<\/p>\n

\u8cc7\u6599\u4f86\u6e90:\u00a0https:\/\/www.ithome.com.tw\/news\/143629<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

\u7f8e\u570b\u653f\u5e9c\u8b66\u544aFortinet\u8edf\u9ad4\u6f0f\u6d1e\u6050\u906d\u570b\u5bb6\u99ed\u5ba2\u958b\u63a1 <\/p>\n

\u5f71\u97ff\u7248\u672c:<\/p>\n

CVE-2018-13379<\/p>\n

Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12<\/p>\n

CVE-2020-12812<\/p>\n

FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9<\/p>\n

FBI\u53caCISA\u767c\u73fe\u6709\u570b\u5bb6\u652f\u6301\u7684\u99ed\u5ba2\u7d44\u7e54\uff0c\u6b63\u5728\u91dd\u5c0d\u5c1a\u672a\u4fee\u88dcFortinet\u8edf\u9ad4\u5df2\u77e5\u6f0f\u6d1e\u7684\u4f7f\u7528\u55ae\u4f4d\u767c\u52d5\u6ef2\u900f\u653b\u64ca<\/p>\n

\u570b\u5bb6\u99ed\u5ba2\u5a01\u8105\u4e0d\u65b7\uff0c\u7e7cSolarWinds\u3001\u5fae\u8edfExchange Server\u4e4b\u5f8c\uff0c\u7f8e\u570b\u653f\u5e9c\u5468\u672b\u8b66\u544a\uff0c\u7db2\u8def\u5b89\u5168\u8a2d\u5099\u5546Fortinet\u8edf\u9ad4\u4e09\u9805\u6f0f\u6d1e\u6b63\u906d\u570b\u5bb6\u652f\u6301\u7684\u99ed\u5ba2\u6383\u7784\u53ca\u958b\u63a1\uff0c\u9810\u793a\u672a\u4f86\u7684\u653b\u64ca\u884c\u52d5\u3002<\/p>\n

\u7f8e\u570b\u806f\u90a6\u8abf\u67e5\u5c40\uff08FBI\uff09\u53ca\u7db2\u8def\u5b89\u5168\u66a8\u57fa\u790e\u67b6\u69cb\u5b89\u5168\u7ba1\u7406\u7f72\uff08CISA\uff09\u6307\u51fa\uff0c\u4ed6\u5011\u89c0\u5bdf\u5230\u4e00\u500b\u9032\u968e\u6ef2\u900f\u5a01\u8105\uff08Advanced Persistent Threat\uff0cAPT\uff09\u7d44\u7e54\u6b63\u5728\u6383\u7784Fortinet\u7684\u50b3\u8f38\u57e04443\u30018443\u300110443\uff0c\u5c0b\u627e\u4f5c\u696d\u7cfb\u7d71\u8edf\u9ad4FortiOS\u4e0a\u7684\u6f0f\u6d1eCVE-2018-13379\uff0c\u4e26\u91dd\u5c0dFortinet\u88dd\u7f6e\u9032\u884c\u5217\u8209\u5206\u6790\uff08enumerate\uff09\uff0c\u4ee5\u958b\u63a1CVE-2019-5591\u548cCVE-2020-12812\u3002\u5df2\u6709\u591a\u5bb6\u653f\u5e9c\u3001\u5546\u696d\u7d44\u7e54\u53caISP\u906d\u5230\u9396\u5b9a\u3002<\/p>\n

\u4e09\u9805\u6f0f\u6d1e\u4e4b\u4e2d\uff0cCVE-2018-13379\u5141\u8a31\u99ed\u5ba2\u89e3\u8b80\u7cfb\u7d71\u6a94\u6848\uff0c\u9032\u800c\u767c\u73fe\u5132\u5b58\u7684\u660e\u6587\u5bc6\u78bc\uff0c\u518d\u767b\u5165\u7cfb\u7d71\u3002CVE-2019-5591\u53ef\u8b93\u99ed\u5ba2\u5728\u5b50\u7db2\u57df\u4e0b\u8a2d\u7acb\u5047LDAP\u4f3a\u670d\u5668\u4f86\u6514\u622a\u91cd\u8981\u8cc7\u8a0a\uff0cCVE-2020-12812\u5247\u8b93\u653b\u64ca\u8005\u7e5e\u904e\u591a\u56e0\u7d20\u9a57\u8b49\uff0c\u800c\u548c\u4e3b\u7cfb\u7d71\u5efa\u7acbSSL VPN\u9023\u7dda\u3002<\/p>\n

\u50b3\u7d71\u4e0a\uff0cAPT\u99ed\u5ba2\u653b\u64ca\u5df2\u77e5\u91cd\u5927\u6f0f\u6d1e\uff0c\u53ef\u80fd\u7684\u884c\u52d5\u5305\u62ec\u5206\u6563\u5f0f\u963b\u65b7\u670d\u52d9\uff08DDoS\uff09\u3001\u52d2\u7d22\u8edf\u9ad4\u3001\u8cc7\u6599\u96b1\u78bc\u653b\u64ca\u3001\u9b5a\u53c9\u5f0f\u91e3\u9b5a\u653b\u64ca\u3001\u7f6e\u63db\u7db2\u9801\u5716\u6587\u6216\u88fd\u9020\u5047\u8cc7\u8a0a\u3002<\/p>\n

\u5728FortiOS\u7684\u653b\u64ca\u4e2d\uff0cFBI\u53caCISA\u76f8\u4fe1APT\u653b\u64ca\u8005\u53ef\u80fd\u8a08\u756b\u5229\u7528\u5176\u4e2d\u4e4b\u4e00\u6216\u6240\u6709\u4e09\u9805\u6f0f\u6d1e\u99ed\u5165\u4f01\u696d\u591a\u7a2e\u57fa\u790e\u67b6\u69cb\u8a2d\u5099\uff0c\u85c9\u6b64\u5b58\u53d6\u4e3b\u8981\u7db2\u8def\uff0c\u518d\u4ee5\u6b64\u70ba\u8d77\u9ede\uff0c\u65e5\u5f8c\u767c\u52d5\u8cc7\u6599\u5916\u6d29\u6216\u8cc7\u6599\u52a0\u5bc6\u653b\u64ca\uff0c\u4ed6\u5011\u4e5f\u53ef\u80fd\u5229\u7528\u5176\u4ed6\u6f0f\u6d1e\u6216\u9b5a\u53c9\u5f0f\u7db2\u8def\u91e3\u9b5a\uff08spearphishing\uff09\u7b49\u5e38\u898b\u958b\u63a1\u624b\u6cd5\uff0c\u99ed\u5165\u57fa\u790e\u67b6\u69cb\u7db2\u8def\u70ba\u672a\u4f86\u884c\u52d5\u505a\u6e96\u5099\u3002<\/p>\n

\u53bb\u5e7411\u6708\u5b89\u5168\u5ee0\u5546\u5728\u99ed\u5ba2\u8ad6\u58c7\u4e0a\u767c\u73fe\uff0c\u6709\u4eba\u515c\u552e\u7d045\u842c\u500b\u542b\u6709CVE-2018-13379\u6f0f\u6d1e\u7684Fortinet SSL VPN IP\u4f4d\u5740\uff0c\u6975\u53ef\u80fd\u5f15\u767c\u9019\u6ce2\u653b\u64ca\u3002<\/p>\n

FBI\u548cCISA\u547c\u7c72\u653f\u5e9c\u53ca\u6c11\u9593\u7d44\u7e54\u61c9\u5118\u901f\u4fee\u88dc\u9019\u4e09\u9805\u6f0f\u6d1e\u3002\u82e5\u6c92\u6709\u4f7f\u7528FortiOS\u8005\uff0c\u5247\u61c9\u5c07FortiOS\u7684\u4e3b\u8981\u7522\u51fa\uff08artifact\uff09\u6a94\u6848\u52a0\u5165\u5c01\u9396\u6e05\u55ae\uff0c\u9632\u6b62\u4efb\u4f55\u5b89\u88dd\u6216\u57f7\u884c\u7a0b\u5f0f\u6216\u76f8\u95dc\u6a94\u6848\u7684\u884c\u70ba\u3002<\/p>\n

\u5176\u4ed6\u5efa\u8b70\u63aa\u65bd\u5247\u65e8\u5728\u9632\u6b62\u8cc7\u6599\u88ab\u522a\u6539\uff0c\u7cfb\u7d71\u88ab\u975e\u6cd5\u5b58\u53d6\u6216\u5b89\u88dd\u8edf\u9ad4\uff0c\u50cf\u662f\u505a\u597d\u8cc7\u6599\u5099\u4efd\u3001\u654f\u611f\u8cc7\u6599\u5fa9\u539f\u8a08\u756b\uff0c\u5be6\u884c\u7db2\u8def\u9694\u96e2\u3001\u95dc\u9589\u672a\u4f7f\u7528\u7684RDP\u50b3\u8f38\u57e0\uff0c\u9650\u5236\u4e3b\u8981\u7cfb\u7d71\u7684\u4fee\u6539\u3001\u522a\u9664\u53ca\u8edf\u9ad4\u5b89\u88dd\uff0c\u5b9a\u671f\u8b8a\u66f4\u5bc6\u78bc\uff0c\u7a3d\u6838\u7528\u6236\u5e33\u865f\u6b0a\u9650\u7b49\uff0c\u53ca\u4f7f\u7528\u591a\u56e0\u7d20\u9a57\u8b49\uff08multi-factor authentication\uff09\u3002<\/p>\n

CVE-2018-13379<\/p>\n

An Improper Limitation of a Pathname to a Restricted Directory (“Path Traversal\") in Fortinet FortiOS […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"_links":{"self":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/21606"}],"collection":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/comments?post=21606"}],"version-history":[{"count":0,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/posts\/21606\/revisions"}],"wp:attachment":[{"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/media?parent=21606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/categories?post=21606"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/webnas.bhes.ntpc.edu.tw\/wordpress\/wp-json\/wp\/v2\/tags?post=21606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}