{"uuid": "b0720e6f-610e-4b18-a942-5c9d24800220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-39952", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/160", "content": "Fortinet FortiNAC CVE-2022-39952 Deep-Dive and IOCs\n\n\ud83d\udc64 by Zach Hanley\n\nOn Thursday, 16 February 2022, Fortinet released a PSIRT that details CVE-2022-39952, a critical vulnerability affecting its FortiNAC product. This vulnerability, discovered by Gwendal Gu\u00e9gniaud of Fortinet, allows an unauthenticated attacker to write arbitrary files on the system and as a result obtain remote code execution in the context of the root user.\n\n\ud83d\udcdd Contents:\n\u25cf Introduction\n\u25cf Extracting the System\n\u25cf The Vulnerability\n\u25cf Weaponization of the Issue\n\u25cf Indicators of Compromise\n\nhttps://www.horizon3.ai/fortinet-fortinac-cve-2022-39952-deep-dive-and-iocs/", "creation_timestamp": "2023-02-22T06:18:06.000000Z"}