2020-04-24 09:46:07 +02:00

a critical vuln exists in FortiMail (auth bypass); not much info is available, except:


Authentication bypass in FortiMail and FortiVoiceEnterprise

FML ID: FG-IR-20-045
CVE ID: CVE-2020-9294

Please upgrade to the following versions ASAP:

FortiMail versions 5.4.11 or above
FortiMail versions 6.0.8 or above
FortiMail versions 6.2.3 or above
FortiVoiceEnterprise versions 6.0.3 or above

Due to the ability to exploit this issue remotely, Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade.
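
To check an appliance inventory against the fixed versions listed above, the following is an added example (not part of the advisory or of this notification). The inventory layout, the function names and the sample hosts are assumptions; release branches the advisory does not name are reported as unknown rather than guessed.

```python
import re

# Minimum fixed version per release branch, taken from the advisory text above.
FIXED = {
    "FortiMail": {(5, 4): (5, 4, 11), (6, 0): (6, 0, 8), (6, 2): (6, 2, 3)},
    "FortiVoiceEnterprise": {(6, 0): (6, 0, 3)},
}

def parse_version(text):
    """Return (major, minor, patch) from strings like 'v6.0.7' or '6.2.3-build0264'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(p) for p in m.groups())

def triage(product, version_text):
    """Classify one host as 'upgrade', 'fixed' or 'unknown'."""
    branches = FIXED.get(product)
    if branches is None:
        return "unknown"
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unknown"
    fixed = branches.get(version[:2])
    if fixed is None:
        # Branch not named in the advisory: do not guess, confirm with the vendor.
        return "unknown"
    # Tuples compare numerically, so 5.4.9 < 5.4.11 (a string compare gets this wrong).
    return "fixed" if version >= fixed else "upgrade"

# Constructed inventory: documentation-range addresses and invented versions.
INVENTORY = [
    ("192.0.2.10", "FortiMail", "v5.4.9"),
    ("192.0.2.11", "FortiMail", "6.0.10"),
    ("192.0.2.12", "FortiMail", "6.2.3-build0264"),
    ("192.0.2.13", "FortiMail", "6.4.0"),
    ("192.0.2.14", "FortiVoiceEnterprise", "6.0.2"),
]

def report(inventory):
    """Map each host address to its triage status."""
    return {ip: triage(product, ver) for ip, product, ver in inventory}

if __name__ == "__main__":
    for ip, status in report(INVENTORY).items():
        print(f"{ip}\t{status}")
```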


please also note that a threat actor is trying to sell a 0day against FortiMail:

https://twitter.com/underthebreach/status/1251979725762973696

we found various IPs in your ORG/ASN matching the criteria for possibly vulnerable systems

please find a list of affected IPs below and more information on that problem here: