VAPT

Description

The Fortinet FortiGate device (v6.0.3) is affected by CVE-2022-42475, a heap-based buffer overflow vulnerability in the SSL-VPN component allowing unauthenticated remote code execution. Exploitation provides root-level access to the device and a pivot point into the internal network.

Recommendation

Upgrade FortiOS to version 7.2.3 or later immediately. Apply network-level controls to restrict management plane access to authorised IP ranges. Review logs for indicators of exploitation.

Description

The Cisco Catalyst switch management interface (10.x.x.x) is accessible with factory default credentials (admin/admin). An attacker with network access can authenticate and modify switch configuration, enabling VLAN hopping or traffic interception.

Recommendation

Immediately rotate all network device credentials. Implement a privileged access management (PAM) solution. Restrict management interface access to a dedicated out-of-band network.

Description

LLMNR and NBT-NS poisoning are enabled across workstation subnets. An attacker positioned on the internal network can capture NTLMv2 challenge-response hashes and relay them to authenticate to other systems without cracking the underlying password.

Recommendation

Disable LLMNR and NBT-NS via Group Policy. Enable SMB signing on all hosts. Deploy network-based detection for LLMNR poisoning attempts.

Description

The customer-facing portal supports TLS 1.0 and 1.1 in addition to TLS 1.2. These older protocol versions are susceptible to POODLE and BEAST attacks and are deprecated per RFC 8996.

Recommendation

Disable TLS 1.0 and 1.1. Configure the server to support TLS 1.2 and 1.3 only, with strong cipher suites. Test changes in staging before production deployment.