by Information security company Fortinet patched major vulnerabilities CVE-2022-39952 and CVE-2021-42756 this week. These vulnerabilities are respectively related to the brand’s network access control system (NAC) and web application firewall (WAF). The point is that attackers can exploit it without being authenticated. The researchers disclosed the vulnerabilities CVE-2022-45788 and CVE-2022-45789 in Schneider Electric PLC, and pointed out that these vulnerabilities can be chained and exploited to allow attackers to remotely execute arbitrary code (RCE). The recent attacks of the malware FatalRAT are also noteworthy. Although hackers mainly target users who use Simplified Chinese, there are also victims in Taiwan.
