Fortinet patched multiple security vulnerabilities on April 10, 2024, including a critical remote code execution (RCE) flaw in FortiClientLinux.

The most severe vulnerability, identified as CVE-2023-45590, could allow attackers to run arbitrary code via a malicious website without user authentication.

Remediation details for affected versions were released to address a total of twelve vulnerabilities.

Security researcher CataLpa from Dbappsecurity was credited with reporting the critical RCE issue.

Though no active exploitations have been reported, users are encouraged to update their software immediately.

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory to update Fortinet appliances to mitigate the risk of exploitation by cyber threat actors.