
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability affecting FortiOS and FortiProxy that could allow an attacker to take control of the affected system.
The issue, tracked as CVE-2023-25610, has a severity rating of 9.3 out of 10 and was discovered and reported internally by Fortinet's security team.
Fortinet announced: “A buffer underwrite (‘buffer underflow’) vulnerability in the FortiOS and FortiProxy management interfaces could allow an unauthenticated, remote attacker to execute arbitrary actions on a device via specially crafted requests. It could potentially execute code or do a DoS on the GUI.”
Underflow bugs, also known as buffer underruns, occur when input data is shorter than the reserved area, resulting in unexpected behavior or leaking sensitive data from memory.
Other possible consequences include memory corruption, which can be weaponized to induce crashes or execute arbitrary code.
Fortinet said it was not aware of any malicious exploitation attempts for this flaw. It is essential to act on
The following versions of FortiOS and FortiProxy are affected:
- FortiOS versions 7.2.0 through 7.2.3
- FortiOS versions 7.0.0 through 7.0.9
- FortiOS versions 6.4.0 through 6.4.11
- FortiOS versions 6.2.0 through 6.2.12
- FortiOS 6.0, all versions
- FortiProxy versions 7.2.0 through 7.2.2
- FortiProxy versions 7.0.0 through 7.0.8
- FortiProxy versions 2.0.0 through 2.0.11
- FortiProxy 1.2, all versions
- FortiProxy 1.1, all versions
Fixes are available in FortiOS versions 6.2.13, 6.4.12, 7.0.10, 7.2.4, and 7.4.0; FortiOS-6K7K versions 6.2.13, 6.4.12, and 7.0.10; and FortiProxy versions 2.0.12 and 7.0.9.
As a workaround, Fortinet advises users to disable the HTTP/HTTPS management interface or limit the IP addresses that can access it.
The disclosure comes several weeks after the network security firm issued fixes for 40 vulnerabilities. Two of them are rated Critical and affect the FortiNAC (CVE-2022-39952) and FortiWeb (CVE-2021-42756) products.