Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Fortinet Patches Code Execution Vulnerability in FortiOS

Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.

Fortinet on Tuesday announced patches for multiple vulnerabilities in FortiOS and other products, including several flaws leading to code execution.

The most severe of the issues is CVE-2024-23110 (CVSS score of 7.4), which collectively tracks multiple stack-based buffer overflow security defects in the platform’s command line interpreter.

Successful exploitation of the high-severity flaw, Fortinet explains, “may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.”

The bug impacts FortiOS versions 6.x and 7.x and was addressed with the release of FortiOS 6.2.16, 6.4.15, 7.0.14, 7.2.7, and 7.4.3.

Another medium-severity stack-based overflow vulnerability, tracked as CVE-2024-26010 and impacting FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager, can be exploited by remote attackers to execute arbitrary code or commands if specific conditions are met.

On Tuesday, Fortinet also warned of multiple medium-severity stack-based buffer overflow vulnerabilities (collectively tracked as CVE-2023-46720) in FortiOS that could be exploited for arbitrary code execution via crafted CLI commands.

FortiOS versions 7.2.8 and 7.4.4 contain fixes for the bug. Customers using previous iterations of the platform are advised to upgrade to a fixed release.

Fortinet also addressed two medium-severity issues that impact both FortiOS and FortiProxy and which could allow attackers to execute JavaScript code or decrypt backup files.

Advertisement. Scroll to continue reading.

Security updates Fortinet released this week also address two SQL injection flaws, one in FortiPortal, leading to information disclosure, and another in FortiSOAR Event Auth API, leading to code or command execution.

On Tuesday, Fortinet also acknowledged that some of its products are affected by the recently disclosed TunnelVision attack (CVE-2024-3661) that allows attackers to use built-in features of DHCP to bypass VPN protections and snoop on victims’ traffic.

According to Fortinet’s advisory, users of FortiClientWindows (SSL-VPN) can mitigate the attack by using ‘Full-Tunnel’ with ‘exclusive-routing’ enabled. Fixes for the bug will be included in future versions of FortiClientWindows (IPsec VPN), FortiClientMac, and FortiClientLinux.

Fortinet makes no mention of any of these vulnerabilities being exploited in attacks but threat actors are known to have exploited flaws in Fortinet products for which patches had been released.

Related: Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Related: Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

Related: Fortinet Patches Critical Vulnerabilities Leading to Code Execution

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

SaaS security company AppOmni has hired Joel Wallenstrom as its General Manager.

FTI Consulting has appointed Brett Callow as Managing Director in its Cybersecurity & Data Privacy Communications practice.

Mobile security firm Zimperium has welcomed David Natker as its VP of Global Partners and Alliances.

More People On The Move

Expert Insights