Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Fortinet Patches Code Execution Vulnerability in FortiOS

Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw.

Fortinet on Tuesday announced patches for multiple vulnerabilities in FortiOS and other products, including several flaws leading to code execution.

The most severe of the issues is CVE-2024-23110 (CVSS score of 7.4), which collectively tracks multiple stack-based buffer overflow security defects in the platform’s command line interpreter.

Successful exploitation of the high-severity flaw, Fortinet explains, “may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.”

The bug impacts FortiOS versions 6.x and 7.x and was addressed with the release of FortiOS 6.2.16, 6.4.15, 7.0.14, 7.2.7, and 7.4.3.

Another medium-severity stack-based overflow vulnerability, tracked as CVE-2024-26010 and impacting FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager, can be exploited by remote attackers to execute arbitrary code or commands if specific conditions are met.

On Tuesday, Fortinet also warned of multiple medium-severity stack-based buffer overflow vulnerabilities (collectively tracked as CVE-2023-46720) in FortiOS that could be exploited for arbitrary code execution via crafted CLI commands.

FortiOS versions 7.2.8 and 7.4.4 contain fixes for the bug. Customers using previous iterations of the platform are advised to upgrade to a fixed release.

Fortinet also addressed two medium-severity issues that impact both FortiOS and FortiProxy and which could allow attackers to execute JavaScript code or decrypt backup files.

Advertisement. Scroll to continue reading.

Security updates Fortinet released this week also address two SQL injection flaws, one in FortiPortal, leading to information disclosure, and another in FortiSOAR Event Auth API, leading to code or command execution.

On Tuesday, Fortinet also acknowledged that some of its products are affected by the recently disclosed TunnelVision attack (CVE-2024-3661) that allows attackers to use built-in features of DHCP to bypass VPN protections and snoop on victims’ traffic.

According to Fortinet’s advisory, users of FortiClientWindows (SSL-VPN) can mitigate the attack by using ‘Full-Tunnel’ with ‘exclusive-routing’ enabled. Fixes for the bug will be included in future versions of FortiClientWindows (IPsec VPN), FortiClientMac, and FortiClientLinux.

Fortinet makes no mention of any of these vulnerabilities being exploited in attacks but threat actors are known to have exploited flaws in Fortinet products for which patches had been released.

Related: Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Related: Recent Fortinet FortiClient EMS Vulnerability Exploited in Attacks

Related: Fortinet Patches Critical Vulnerabilities Leading to Code Execution

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Discover strategies for vendor selection, integration to minimize redundancies, and maximizing ROI from your cybersecurity investments. Gain actionable insights to ensure your stack is ready for tomorrow’s challenges.

Register

Dive into critical topics such as incident response, threat intelligence, and attack surface management. Learn how to align cyber resilience plans with business objectives to reduce potential impacts and secure your organization in an ever-evolving threat landscape.

Register

People on the Move

Former Barclay’s CISO Oliver Newbury has joined ransomware protection firm Halcyon as a strategic advisor

Stephanie Crowe has been appointed head of the Australian Cyber Security Centre (ACSC).

Cloud security giant Wiz has named Fazal Merchant as President and Chief Financial Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.