Multiple Fortinet Vulnerabilities Let Attackers Execute Code


Multiple vulnerabilities have been discovered in FortiOS and FortiProxy that were related to administrator cookie leakage, arbitrary command execution and sensitive information exposure.

These vulnerabilities have been assigned with CVEs as CVE-2023-41677, CVE-2023-48784 and CVE-2024-23662.

The severity for these vulnerabilities range between 5 (Medium) to 7.5 (High).

Multiple Fortinet Vulnerabilities Let Attackers Execute Code

However, these vulnerabilities have been patched accordingly by Fortinet and relevant security advisories have been published for addressing these vulnerabilities. 

Vulnerability Analysis

This particular vulnerability allows a threat actor to obtain administrator cookies on specific conditions that are probably rare.

Under these conditions, the threat actors can trick the administrator into visiting a malicious attacker-controlled website through SSL-VPN and steal administrator cookies.

This vulnerability exists due to insufficient protection of credentials.

The severity for this vulnerability was given as 7.5 (High) and affects multiple FortiOS and FortiProxy versions.

Document

Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by
other email security solutions. .


CVE-2023-48784: Arbitrary Code Execution In FortiOS

This vulnerability exists due to the use of an externally controlled format string in FortiOS command line interface which allows a threat actor with local super-admin profile and CLI access to execute arbitrary code or commands by using specially crafted requests.

The severity for this vulnerability was given as 6.1 (Medium). Products affected by these vulnerabilities include multiple versions of FortiOS greater than 6.4. 

CVE-2024-23662: Sensitive Information Exposure Vulnerability In FortiOS

An unauthorized and unauthenticated threat actor can exploit this vulnerability and gather sensitive information such as device versions of affected FortiOS versions by using HTTP requests.

The severity for this vulnerability was given as 5.0 (Medium). 

Affected Products And Fixed In Versions

CVE Version Affected Solution
CVE-2023-41677 FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.4FortiOS 6.2FortiOS 6.0FortiProxy 7.4FortiProxy 7.2FortiProxy 7.0FortiProxy 2.0FortiProxy 1.2FortiProxy 1.1FortiProxy 1.0 7.4.0 through 7.4.17.2.0 through 7.2.67.0.0 through 7.0.126.4.0 through 6.4.146.2.0 through 6.2.156.0 all versions7.4.0 through 7.4.17.2.0 through 7.2.77.0.0 through 7.0.132.0 all versions1.2 all versions1.1 all versions1.0 all versions Upgrade to 7.4.2 or aboveUpgrade to 7.2.7 or aboveUpgrade to 7.0.13 or aboveUpgrade to 6.4.15 or aboveUpgrade to 6.2.16 or aboveMigrate to a fixed releaseUpgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveUpgrade to 7.0.14 or aboveMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed release
CVE-2023-48784 FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.4 7.4.0 through 7.4.17.2.0 through 7.2.77.0 all versions6.4 all versions Upgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveMigrate to a fixed releaseMigrate to a fixed release
CVE-2024-23662 FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.4 7.4.0 through 7.4.17.2.0 through 7.2.57.0 all versions6.4 all versions Upgrade to 7.4.2 or aboveUpgrade to 7.2.6 or aboveMigrate to a fixed releaseMigrate to a fixed release

Users of these products are recommended to upgrade to the latest versions to prevent threat actors from exploiting these vulnerabilities.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.



Source link