Impact: High/Critical
TLP Rating: Clear 
Fortinet Releases Security Updates for FortiClient and FortiGate
Release Date: 14th of October 2023
CERT Vanuatu (CERTVU) and the Office of the Chief Information Officer (OGCIO) provide the following advisory.
What is it?
Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber threat actors may exploit some of these vulnerabilities to take control of an affected system.
CERTVU encourages all users and administrators to review the following advisories and apply the necessary updates.
- FG-IR-22-299: FortiClient (Windows) - Arbitrary file deletion from unprivileged users
- FG-IR-23-274: FortiClient (Windows) - DLL Hijacking via openssl.cnf
- FG-IR-23-385: curl and libcurl CVE-2023-38545 and CVE-2023-38546 vulnerabilities
What should I do to Stay Safe?
CERT Vanuatu encourages users and administrators to review all Security Advisory and apply the necessary updates.
Reference
- Download Advisory (English): Fortinet Releases Security Updates for FortiClient and FortiGate
- Download advisory (Bislama): Fortinet i Rilisim olgeta Sekuriti Apdeit blong FortiClient mo FortiGate
- Download advisory (French): Mises à jour de sécurité par Fortinet pour FortiClient et FortiGate