Log in
E-mail
Password
Remember
Forgot password ?
Become a member for free
Sign up
Sign up
New member
Sign up for FREE
New customer
Discover our services
Settings
Settings
Dynamic quotes 
OFFON

MarketScreener Homepage  >  Equities  >  Nasdaq  >  Fortinet, Inc.    FTNT

FORTINET, INC.

(FTNT)
  Report
SummaryQuotesChartsNewsRatingsCalendarCompanyFinancialsConsensusRevisions 
SummaryMost relevantAll NewsPress ReleasesOfficial PublicationsSector newsMarketScreener StrategiesAnalyst Recommendations

Fortinet : Leaking Browser URL/Protocol Handlers

12/03/2020 | 07:57pm EST

FortiGuard Labs Threat Research Report

Affected platforms: Windows, Linux
Impacted parties: Chrome, Firefox and Edge
Impact: Leaking sensitive data
Severity level: Medium
Assigned CVEs: CVE-2020-15680

An important step in any targeted attack is reconnaissance. The more information an attacker can obtain on the victim the greater the chances for a successful exploitation and infiltration. Recently, we uncovered two information disclosure vulnerabilities affecting three of the major web browsers which can be leveraged to leak out a vast range of installed applications, including the presence of security products, allowing a threat actor to gain critical insights on the target.

In this post we will discuss what are protocol handlers and disclose two information disclosure vulnerabilities affecting three major browsers (namely - Firefox, Edge and Chrome). Exploiting these vulnerabilities will enable a remote attacker to identify the presence of a vast amount of applications that may be installed on a targeted system.

Overview - What Are Protocol Handlers?

Generally speaking when talking about Protocol Handlers we are referring to a mechanism which allows applications to register their own URI scheme. This enables the execution of processes through the use of URI formatted strings.

The Windows OS manages custom URL handlers under the following key-

  • HKEY_CURRENT_USERSOFTWAREClasses*
  • HKEY_LOCAL_MACHINESOFTWAREClasses*
  • HKEY_CLASSES_ROOT*

When a URL Handler is invoked the OS is searching within those locations for keys containing values with the name 'URL Protocol'.

For instance, we can use regedit to inspect the path at HKEY_CLASSES_ROOTmsteams and see that it contains the special Value of 'URL Protocol'.

Disclaimer

Fortinet Inc. published this content on 03 December 2020 and is solely responsible for the information contained therein. Distributed by Public, unedited and unaltered, on 04 December 2020 00:56:06 UTC


© Publicnow 2020
All news about FORTINET, INC.
09:10aFORTINET : Realize 100% ROI in Five Years or Sooner with Fortinet Secure SD-WAN
PU
09:01aFORTINET : FortiGate 200F is Fortinet's Latest SD-WAN ASIC-powered Appliance, Ex..
AQ
08:09aGTT COMMUNICATIONS : Enhances Portfolio of Managed Security Services
AQ
05:56aFORTINET : Interface Shares its top 2021 Networking Predictions for Restaurants
AQ
01/15FORTINET : Providing Differentiated Managed Service Offerings with FortiSOAR
PU
01/14FORTINET : Extends Integration with VMware through Support for NSX-T Data Center..
PU
01/13FORTINET : What Makes SD-WAN More Than Just a Branch Solution?
PU
01/13FORTINET : Oppenheimer Adjusts Fortinet PT to $190 From $160, Maintains Outperfo..
MT
01/12FORTINET : New Variant of Ursnif Continuously Targeting Italy
PU
01/12FORTINET : DA Davidson Upgrades Fortinet to Buy From Neutral, Adjusts Price Targ..
MT
More news
Financials (USD)
Sales 2020 2 584 M - -
Net income 2020 475 M - -
Net cash 2020 1 577 M - -
P/E ratio 2020 52,0x
Yield 2020 -
Capitalization 23 787 M 23 787 M -
EV / Sales 2020 8,59x
EV / Sales 2021 7,21x
Nbr of Employees 8 075
Free-Float 83,5%
Chart FORTINET, INC.
Duration : Period :
Fortinet, Inc. Technical Analysis Chart | MarketScreener
Full-screen chart
Technical analysis trends FORTINET, INC.
Short TermMid-TermLong Term
TrendsBullishBullishBullish
Income Statement Evolution
Consensus
Sell
Buy
Mean consensus OUTPERFORM
Number of Analysts 30
Average target price 145,30 $
Last Close Price 146,53 $
Spread / Highest target 29,7%
Spread / Average Target -0,84%
Spread / Lowest Target -24,9%
EPS Revisions
Managers and Directors
NameTitle
Ken Xie Chairman & Chief Executive Officer
Michael Xie President, Director & Chief Technology Officer
Keith Franklin Jensen CFO, Chief Accounting Officer & Controller
Phil Quade Chief Information Security Officer
Christopher B. Paisley Independent Director
Sector and Competitors
1st jan.Capitalization (M$)
FORTINET, INC.-1.35%23 787
TATA CONSULTANCY SERVICES12.54%162 804
ACCENTURE PLC-2.89%160 874
INTERNATIONAL BUSINESS MACHINES CORPORATION1.99%114 403
INFOSYS LIMITED4.48%76 057
AUTOMATIC DATA PROCESSING, INC.-8.56%69 091