Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Fortinet Patches Critical Vulnerabilities Leading to Code Execution

Fortinet has released patches for critical code execution vulnerabilities in FortiOS, FortiProxy, and FortiClientEMS.

Fortinet on Tuesday announced patches for multiple vulnerabilities in its network security and management products, including critical-severity flaws leading to code execution.

The first critical bug is CVE-2023-42789, an out-of-bounds write issue in FortiOS and FortiProxy that could allow attackers to execute code or commands via crafted HTTP requests.

Discovered internally by Fortinet’s product security team, the issue was addressed alongside CVE-2023-42790, a high-severity stack-based buffer overflow vulnerability also leading to code execution.

Both issues impact the FortiOS and FortiProxy captive portal and were addressed with the release of FortiOS versions 7.4.2, 7.2.6, 7.0.13, 6.4.15, and 6.2.16, and FortiProxy versions 7.4.1, 7.2.7, 7.0.13, and 2.0.14.

The second critical-severity flaw is CVE-2023-48788, an SQL injection issue in FortiClientEMS that allows unauthenticated attackers to execute code or commands via crafted requests.

The issue was resolved with the release of FortiClientEMS versions 7.2.3 and 7.0.11.

It should be noted that Fortinet has assessed both CVE-2023-42789 and CVE-2023-48788 as having a CVSS score of 9.3, while the NIST NVD lists both with a CVSS score of 9.8.

On Tuesday, Fortinet also announced patches for several high-severity bugs in its products, including an authorization bypass in FortiOS and FortiProxy (leading to information disclosure), a CSV injection in the log download feature of FortiClientEMS (leading to command execution), and an improper access control in FortiWLM MEA for FortiManager (leading to code execution).

Advertisement. Scroll to continue reading.

Medium-severity security holes in FortiOS and FortiManager, FortiAnalyzer, FortiAnalyzer-BigData, and FortiPortal were also resolved.

Fortinet makes no mention of any of these vulnerabilities being exploited in the wild, but threat actors are known to have targeted Fortinet flaws for which patches have been released.

Users and administrators are advised to apply the available patches as soon as possible. Additional information on the bugs can be found on Fortinet’s PSIRT advisories page.

Successful exploitation of these issues could allow threat actors to take over vulnerable systems, the US cybersecurity agency CISA warns.

Related: SAP Patches Critical Command Injection Vulnerabilities

Related: ICS Patch Tuesday: Siemens Ruggedcom Devices Impacted by 45 Fortinet Vulnerabilities

Related: Fortinet Warns of New FortiOS Zero-Day

Related: Patch Tuesday: Microsoft Flags Major Bugs in HyperV, Exchange Server

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

Check Point Software has appointed Nadav Zafrir as Chief Executive Officer.

BlackFog has named Brenda Robb as President, John Sarantakes as CRO, and Mark Griffith as VP of Strategic Sales.

Former NSA cybersecurity chief Rob Joyce has joined Sandfly Security's Advisory Board.

More People On The Move

Expert Insights