A Critical Flaw in FortiOS & FortiProxy Gives Remote Access to Hackers
A serious vulnerability in FortiOS and FortiProxy could let a threat actor take control of affected systems. Fortinet has released patches for 15 security flaws, including a critical vulnerability affecting FortiOS and FortiProxy. Fortinet's own security teams discovered and reported it internally; it is tracked as CVE-2023-25610 and rated 9.3 out of 10.
In an advisory, Fortinet said:
There is a buffer underwrite (‘buffer underflow’) vulnerability in FortiOS and FortiProxy administrative interfaces that may allow remote unauthenticated attackers to execute arbitrary code on the device and/or cause a DoS on the GUI, through specifically crafted requests.
The underflow bug, also known as a buffer underrun, occurs when input data exceeds the space reserved for it, resulting in unpredictable behavior or leaks of sensitive data. It can also corrupt memory, which can be weaponized to crash the device or execute arbitrary code.
According to Fortinet, there are no known attempts to exploit the vulnerability in the wild. However, software bugs of this kind have been actively abused before, so users should apply the patches quickly.
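To make the underwrite condition concrete, here is an added C illustration written for this article (constructed, not Fortinet's code): a hypothetical request-field trimmer that derives its write position from an untrusted length, shown beside a checked version that refuses inputs shorter than the token it strips.

```c
#include <stdio.h>
#include <string.h>

/* Constructed illustration of a buffer underwrite: a request-field trimmer
 * that strips a known trailing token in place. The write position is derived
 * from an attacker-controlled length, so a value shorter than the token
 * pushes the write below the start of the buffer. Hypothetical code, not
 * Fortinet's. */

/* Signed view of where the NUL write would land relative to value[0].
 * A negative result is exactly the underwrite condition. */
long trim_write_offset(size_t value_len, size_t suffix_len)
{
    return (long)value_len - (long)suffix_len;
}

/* Vulnerable pattern: no length check before the pointer arithmetic.
 * With value_len < suffix_len, p points before `value`, and the store
 * corrupts whatever the allocator or stack placed just below it. */
void trim_suffix_unchecked(char *value, size_t value_len, size_t suffix_len)
{
    char *p = value + value_len - suffix_len;
    *p = '\0';
}

/* Hardened form: validate the length before computing the pointer, and only
 * trim when the token is really present. Returns 1 if trimmed, 0 if the
 * token was absent, -1 if the input was rejected as too short. */
int trim_suffix_checked(char *value, size_t value_len, const char *suffix)
{
    size_t suffix_len = strlen(suffix);
    if (value == NULL || value_len < suffix_len)
        return -1;                                  /* would underwrite */
    char *p = value + (value_len - suffix_len);     /* never before value */
    if (memcmp(p, suffix, suffix_len) != 0)
        return 0;
    *p = '\0';
    return 1;
}

int main(void)
{
    char ok[] = "session=abc; HttpOnly";            /* constructed sample */
    char bad[] = "x";                                /* constructed sample */
    printf("offset for \"%s\": %ld\n", bad, trim_write_offset(strlen(bad), 10));
    printf("checked(ok) = %d -> \"%s\"\n",
           trim_suffix_checked(ok, strlen(ok), "; HttpOnly"), ok);
    printf("checked(bad) = %d -> \"%s\"\n",
           trim_suffix_checked(bad, strlen(bad), "; HttpOnly"), bad);
    return 0;
}
```

The unchecked variant is kept only to show the shape of the defect; it is never called, because executing it on a short input is undefined behavior.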
The following versions of FortiOS and FortiProxy are affected by the vulnerability:
• FortiOS version 7.2.0 through 7.2.3
• FortiOS version 7.0.0 through 7.0.9
• FortiOS version 6.4.0 through 6.4.11
• FortiOS version 6.2.0 through 6.2.12
• FortiOS 6.0 all versions
• FortiProxy version 7.2.0 through 7.2.2
• FortiProxy version 7.0.0 through 7.0.8
• FortiProxy version 2.0.0 through 2.0.11
• FortiProxy 1.2 all versions
• FortiProxy 1.1 all versions
The fixes are available in FortiOS versions 6.2.13, 6.4.12, 7.0.10, 7.2.4, and 7.4.0; FortiOS-6K7K versions 6.2.13, 6.4.12, and 7.0.10; and FortiProxy versions 2.0.12, 7.0.9, and 7.0.9. As a workaround, Fortinet recommends that users either disable the HTTP/HTTPS management interface or restrict the IP addresses that are allowed to reach it.
The disclosure comes weeks after the network security company released fixes for 40 vulnerabilities, two of which were deemed critical and affect the FortiNAC (CVE-2022-39952) and FortiWeb (CVE-2021-42756) products.
Author: Kashyap Kumar Mishra