FortiGuard Releases Security Updates for Critical Vulnerabilities

On December 12, 2023, FortiGuard released security updates for multiple critical vulnerabilities in its FortiOS, FortiPAM, FortiMail, FortiNDR, FortiRecorder, FortiSwitch, and FortiVoice products. An attacker who exploits these vulnerabilities could take control of an affected system.

A double free vulnerability [CWE-415] has been identified in the HTTPSd daemon of FortiOS and FortiPAM. Tracked as CVE-2023-41678 with a CVSSv3 score of 8.3, it may allow an authenticated attacker to execute arbitrary code via specially crafted commands.

This vulnerability, deemed the most critical of the batch, has no public exploit at the time of writing. The assigned CVSS vector (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) describes a flaw reachable over the network that requires only low privileges (an authenticated user) and no user interaction, with high impact on the confidentiality, integrity, and availability of the targeted system.

Affected Versions and Solution

FortiOS 7.0: Versions 7.0.0 to 7.0.5 are affected. The solution is to upgrade to version 7.0.6 or above.

FortiPAM 1.1: Versions 1.1.0 to 1.1.1 are affected. The solution is to upgrade to version 1.1.2 or above.

FortiOS 7.2 and 6.4, and FortiPAM 1.2 and 1.0, are not affected.

A CSRF vulnerability [CWE-352] has been discovered in the CLI of FortiMail, FortiNDR, FortiRecorder, FortiSwitch, and FortiVoiceEnterprise. This high-severity flaw, with a CVSSv3 score of 7.5, could allow a remote, unauthenticated attacker to execute CLI commands by tricking an authenticated administrator into issuing malicious GET requests.

Affected Versions and Solution

FortiMail: Versions 7.0.0 to 7.0.3 and 6.4.0 to 6.4.6 are affected. Upgrade to versions 7.0.4 and 6.4.7 or above, respectively.

FortiNDR: Versions 7.1.0 to 7.0.4 and all versions from 1.5 down to 1.1 are affected. Upgrade to the fixed releases.

FortiRecorder, FortiSwitch, and FortiVoice also have specific affected versions with recommended upgrades; see the vendor advisory for the exact ranges.
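The CSRF finding above hinges on a management interface accepting a state-changing request on the strength of a session cookie alone, which a browser attaches even when another site triggered the request. The following is an added example of the server-side defence, not Fortinet's code: the Request model, header names and function names are mine; the checks themselves are the standard ones (no state change over GET, same-origin check, a token bound to the session). The weak pattern is kept beside the hardened one so the difference is visible.

```python
"""Server-side anti-CSRF checks for a management interface (added example).
The Request model, header names and function names are constructed for this
illustration, not taken from any Fortinet product."""
import hashlib
import hmac
from dataclasses import dataclass, field
from urllib.parse import urlsplit


@dataclass
class Request:
    method: str
    url: str                      # URL the administrator's browser requested
    headers: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    session_id: str = ""          # authenticated session cookie, "" if none


def issue_csrf_token(session_id: str, server_key: bytes) -> str:
    """Token bound to one session via HMAC; a cross-site page cannot read or forge it."""
    return hmac.new(server_key, session_id.encode(), hashlib.sha256).hexdigest()


def same_origin(req: Request) -> bool:
    """Origin (or, failing that, Referer) must name the management host itself."""
    source = req.headers.get("Origin") or req.headers.get("Referer")
    if not source:
        return False
    src, dst = urlsplit(source), urlsplit(req.url)
    return (src.scheme, src.netloc) == (dst.scheme, dst.netloc)


def legacy_authorize_cli_command(req: Request) -> tuple:
    """The weak pattern the finding describes: a valid session cookie alone
    authorizes a command, whatever the method or origin. Kept as the 'before'."""
    if req.session_id:
        return True, "ok"
    return False, "no authenticated session"


def authorize_cli_command(req: Request, server_key: bytes) -> tuple:
    """Hardened form, returns (allowed, reason). A command needs POST, a session,
    a same-origin source and a token that matches the session."""
    if req.method.upper() != "POST":
        return False, "commands are not accepted over %s" % req.method.upper()
    if not req.session_id:
        return False, "no authenticated session"
    if not same_origin(req):
        return False, "Origin/Referer missing or cross-site"
    expected = issue_csrf_token(req.session_id, server_key)
    if not hmac.compare_digest(req.form.get("csrf_token", ""), expected):
        return False, "anti-CSRF token missing or invalid"
    return True, "ok"


if __name__ == "__main__":
    key = b"constructed-server-key-rotate-in-production"
    mgmt = "https://mgmt.example.internal/cli/run"
    # Constructed: the browser follows a link from another site while the admin is logged in.
    cross_site_get = Request("GET", mgmt + "?command=show+system+status",
                             headers={"Referer": "https://other.example/"},
                             session_id="sess-1")
    # Constructed: the admin submits the interface's own form.
    legit_post = Request("POST", mgmt, headers={"Origin": "https://mgmt.example.internal"},
                         form={"command": "show system status",
                               "csrf_token": issue_csrf_token("sess-1", key)},
                         session_id="sess-1")
    print("legacy  :", legacy_authorize_cli_command(cross_site_get))  # (True, 'ok')
    print("hardened:", authorize_cli_command(cross_site_get, key))
    print("hardened:", authorize_cli_command(legit_post, key))        # (True, 'ok')
```

Deriving the token with an HMAC over the session id avoids storing a token per session; a random per-session token kept server-side works equally well. Either way the comparison uses a constant-time function, and GET is refused outright for anything that changes state, so a crafted link cannot trigger a command no matter what cookies the browser attaches.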

For FortiOS, versions 7.4.0, 7.2.0 to 7.2.4, 7.0.0 to 7.0.11, 6.4.0 to 6.4.12, and 6.2.0 to 6.2.15 are impacted. It is recommended to upgrade to the respective fixed versions.

For FortiProxy, versions 7.2.0 to 7.2.4 and 7.0.0 to 7.0.10 are affected. Users are advised to upgrade to versions 7.2.5 and 7.0.11 or above, respectively.

Users of the affected FortiGuard products should promptly review their version information and apply the security updates: check whether any system runs one of the affected versions and follow the recommended upgrade path.
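To make that check repeatable across an inventory, here is an added example (mine, not Fortinet's) that encodes the affected ranges transcribed from the text above and reports, for each product and version, which issues apply and the upgrade target. Where the article names no fixed release (the FortiOS ranges in the closing paragraphs, whose issue the article does not name), the entry carries no fix version and the result points to the vendor advisory. Versions are compared as integer tuples, so 7.0.10 correctly sorts above 7.0.4; a plain string comparison would get that wrong.

```python
"""Check product/version pairs against the affected ranges listed in the article.
Added example: the ranges are transcribed from the text, the code and helper
names are constructed for this illustration, not Fortinet's."""
from typing import NamedTuple, Optional, Tuple

Version = Tuple[int, int, int]


class AffectedRange(NamedTuple):
    product: str
    first: Version            # first affected release, inclusive
    last: Version             # last affected release, inclusive
    fixed: Optional[Version]  # first fixed release, None if the article gives none
    issue: str


def parse_version(text: str) -> Version:
    """'7.0.5' -> (7, 0, 5); a trailing build tag such as '7.0.5 build1234' is ignored."""
    core = text.strip().split()[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError("expected MAJOR.MINOR.PATCH, got %r" % text)
    return (int(parts[0]), int(parts[1]), int(parts[2]))


def fmt(v: Version) -> str:
    return ".".join(str(n) for n in v)


# Transcribed from the article. Branches it calls "not affected" need no entry.
ADVISORY = [
    AffectedRange("FortiOS",    (7, 0, 0), (7, 0, 5),  (7, 0, 6),  "CVE-2023-41678 double free"),
    AffectedRange("FortiPAM",   (1, 1, 0), (1, 1, 1),  (1, 1, 2),  "CVE-2023-41678 double free"),
    AffectedRange("FortiMail",  (7, 0, 0), (7, 0, 3),  (7, 0, 4),  "CLI CSRF"),
    AffectedRange("FortiMail",  (6, 4, 0), (6, 4, 6),  (6, 4, 7),  "CLI CSRF"),
    AffectedRange("FortiProxy", (7, 2, 0), (7, 2, 4),  (7, 2, 5),  "issue not named in article"),
    AffectedRange("FortiProxy", (7, 0, 0), (7, 0, 10), (7, 0, 11), "issue not named in article"),
    # FortiOS ranges from the closing paragraphs; the article gives no fixed releases.
    AffectedRange("FortiOS",    (7, 4, 0), (7, 4, 0),  None, "issue not named in article"),
    AffectedRange("FortiOS",    (7, 2, 0), (7, 2, 4),  None, "issue not named in article"),
    AffectedRange("FortiOS",    (7, 0, 0), (7, 0, 11), None, "issue not named in article"),
    AffectedRange("FortiOS",    (6, 4, 0), (6, 4, 12), None, "issue not named in article"),
    AffectedRange("FortiOS",    (6, 2, 0), (6, 2, 15), None, "issue not named in article"),
]


def check(product: str, version: str, advisory=ADVISORY) -> dict:
    """Return every listed issue the given release falls into, with its upgrade target."""
    v = parse_version(version)
    hits = []
    for r in advisory:
        if r.product.lower() == product.lower() and r.first <= v <= r.last:
            hits.append({
                "issue": r.issue,
                "range": "%s-%s" % (fmt(r.first), fmt(r.last)),
                "upgrade_to": fmt(r.fixed) if r.fixed else "see vendor advisory",
            })
    return {"product": product, "version": fmt(v), "affected": bool(hits), "hits": hits}


def audit(inventory):
    """inventory: iterable of (hostname, product, version). Returns affected hosts only."""
    rows = []
    for host, product, version in inventory:
        result = check(product, version)
        if result["affected"]:
            rows.append(dict(host=host, **result))
    return rows


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("fw-edge-01", "FortiOS", "7.0.5 build0304"),
        ("fw-edge-02", "FortiOS", "7.2.6"),
        ("pam-01", "FortiPAM", "1.1.2"),
        ("mail-01", "FortiMail", "6.4.6"),
        ("proxy-01", "FortiProxy", "7.0.10"),
    ]
    for row in audit(sample):
        print(row["host"], row["product"], row["version"], "->", row["hits"])
```

A version already at or above the fixed release, or in a branch the article lists as unaffected, produces no hits; a release such as FortiOS 7.0.5 produces two, because it falls inside both the CVE-2023-41678 range and the broader range from the closing paragraphs.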

About the Author:

FirstHackersNews- Identifies Security