Saturday, April 26, 2025

Fortinet Warns of Multiple Vulnerabilities in FortiAnalyzer, FortiManager, & Other Products


Fortinet has disclosed and fixed several vulnerabilities across its product range, including FortiAnalyzer, FortiManager, FortiOS, FortiProxy, FortiVoice, FortiWeb, and FortiSwitch.

The flaws range from improper neutralization of log output and an unverified password change to insufficiently protected credentials and a man-in-the-middle weakness in device management communications.

The company has released fixed builds and, where available, workarounds to protect customers from exploitation.


Insufficiently Protected Credentials in FortiOS

A notable vulnerability in FortiOS concerns insufficiently protected credentials (CWE-522).

The issue may allow a privileged, authenticated attacker to obtain the stored LDAP bind credentials by changing the LDAP server IP address in the configuration so that it points to a server under the attacker's control; the device then authenticates to the rogue server and reveals the credentials. Because the attacker already needs administrative rights, the practical impact is lateral movement: the LDAP bind account is typically a directory service account, and it should be rotated if tampering with the LDAP configuration is suspected.

Affected Versions:

  • The FortiOS 7.4, 7.2, 7.0, and 6.4 branches are affected; consult the advisory for the exact fixed builds.
  • FortiOS 7.6 is not affected.

Users are encouraged to upgrade to a fixed release, following the recommended upgrade path from Fortinet's upgrade tool. Fortinet credited Vladislav Driev and Oleg Labyntsev for responsibly disclosing this vulnerability.
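Because the attack described above leaves a configuration change behind, a detection over FortiOS configuration-change event logs is the check a defender most wants. The following is an added example (not code from the article or from Fortinet): it parses key="value" event-log lines, keeps only edits to `user.ldap` objects, and flags any change of the primary, secondary or tertiary server address whose new value is not on an allowlist of known directory servers. The sample log lines are constructed for this example; the field names `cfgpath`, `cfgobj` and `cfgattr` follow the FortiOS config-change log layout, while the users, object names and addresses are made up.

```python
import re

# Constructed sample FortiOS event-log lines (not real captures).
SAMPLE_LOGS = [
    'date=2025-04-09 time=10:01:02 logid="0100044547" type="event" subtype="system" '
    'level="information" user="admin" ui="ssh(10.0.0.50)" action="Edit" '
    'cfgpath="user.ldap" cfgobj="corp-ldap" cfgattr="server[10.0.0.5->192.0.2.10]" '
    'msg="Edit user.ldap corp-ldap"',
    'date=2025-04-09 time=10:05:00 logid="0100044547" type="event" subtype="system" '
    'level="information" user="admin" ui="https(10.0.0.50)" action="Edit" '
    'cfgpath="firewall.policy" cfgobj="12" cfgattr="comments[->reviewed]" '
    'msg="Edit firewall.policy 12"',
    'date=2025-04-09 time=10:07:30 logid="0100044547" type="event" subtype="system" '
    'level="information" user="netops" ui="ssh(10.0.0.51)" action="Edit" '
    'cfgpath="user.ldap" cfgobj="corp-ldap" cfgattr="port[389->636]" '
    'msg="Edit user.ldap corp-ldap"',
]

# key=value or key="quoted value" (FortiOS logs do not nest quotes in these fields).
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
# cfgattr encodes a change as attribute[old->new].
CHANGE_RE = re.compile(r'^(?P<attr>[\w-]+)\[(?P<old>[^\]]*)->(?P<new>[^\]]*)\]$')
# LDAP object attributes that name a directory server (assumed attribute names).
SERVER_ATTRS = {"server", "secondary-server", "tertiary-server"}


def parse_line(line):
    """Turn one FortiOS log line into a dict of its fields."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in KV_RE.finditer(line)}


def ldap_server_changes(lines):
    """Return (timestamp, admin, ldap object, old server, new server) for
    every edit that re-points an LDAP object at a different host."""
    hits = []
    for line in lines:
        f = parse_line(line)
        if f.get("cfgpath") != "user.ldap" or f.get("action") != "Edit":
            continue
        m = CHANGE_RE.match(f.get("cfgattr", ""))
        if not m or m.group("attr") not in SERVER_ATTRS:
            continue
        hits.append((f"{f.get('date')} {f.get('time')}", f.get("user"),
                     f.get("cfgobj"), m.group("old"), m.group("new")))
    return hits


def suspicious_ldap_changes(lines, known_servers):
    """Keep only changes whose new server is not an approved directory host."""
    return [h for h in ldap_server_changes(lines) if h[4] not in known_servers]


if __name__ == "__main__":
    for ts, admin, obj, old, new in suspicious_ldap_changes(SAMPLE_LOGS, {"10.0.0.5"}):
        print(f"{ts}: {admin} moved LDAP object {obj} from {old} to {new} (not on allowlist)")
```

Feed the function the device's event logs (type="event" subtype="system") rather than traffic logs; the port change in the third sample line is deliberately not flagged, since only a change of server address can redirect the bind credentials.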

Improper Output Neutralization for Logs

A separate vulnerability (CWE-117) affects FortiManager and FortiAnalyzer and may allow an unauthenticated remote attacker to pollute the logs by sending specially crafted login requests. Because no authentication is needed, an attacker who can reach the login page can forge or obscure entries in the audit trail, which matters most where those logs feed a SIEM or are relied on during an investigation.

Affected Versions:

  • Versions 7.6.0 through 7.6.1 of both products are vulnerable.
  • Earlier branches such as 7.4.x and 7.2.x are also affected.

Users are encouraged to upgrade FortiManager and FortiAnalyzer to version 7.6.2 or later (or to the fixed build of their branch listed in the advisory). Fortinet credited Alexandre Labb of A1 Digital International for reporting this issue.
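The advisory does not describe the crafted request, so the following added example (written for this article, not Fortinet's code) shows the vulnerability class in general terms: a login event logger that writes an attacker-supplied username verbatim next to the same logger with control characters and quotes neutralized, plus the line-oriented parser a collector would use to read the result. The log format, the `neutralize` function and the crafted username are assumptions for illustration.

```python
import re

# key=value or key="value with \" and \\ escapes" (assumed record format).
KV_RE = re.compile(r'(\w+)=(?:"((?:[^"\\]|\\.)*)"|(\S+))')


def parse_records(log_text):
    """Split a log blob the way a line-oriented collector would and parse
    each non-empty line into a dict of fields."""
    records = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        fields = {}
        for m in KV_RE.finditer(line):
            value = m.group(2) if m.group(2) is not None else m.group(3)
            fields[m.group(1)] = re.sub(r'\\(["\\])', r'\1', value)
        records.append(fields)
    return records


def neutralize(value, max_len=128):
    """Escape quotes, backslashes and control characters (CR, LF, ESC, ...)
    so a value can neither terminate the record nor start a new one."""
    out = []
    for ch in value[:max_len]:
        if ch in '"\\':
            out.append('\\' + ch)
        elif ord(ch) < 0x20 or ord(ch) == 0x7F:
            out.append('\\x%02x' % ord(ch))
        else:
            out.append(ch)
    return ''.join(out)


def log_login_vulnerable(username, result):
    # CWE-117: the username goes into the record untouched.
    return f'event=login user="{username}" result={result}\n'


def log_login_hardened(username, result):
    # Same record, but the untrusted field is neutralized first.
    return f'event=login user="{neutralize(username)}" result={result}\n'


# Constructed attacker-controlled username: closes the user field, ends the
# record with a newline, and injects a fake successful admin login; the final
# fragment absorbs whatever the logger appends after the username.
CRAFTED_USERNAME = ('bob" result=failure\n'
                    'event=login user="admin" result=success\n'
                    'junk="')


def forged_admin_success(log_text):
    """True if the parsed log claims a successful login by 'admin'."""
    return any(r.get("user") == "admin" and r.get("result") == "success"
               for r in parse_records(log_text))


if __name__ == "__main__":
    vuln = log_login_vulnerable(CRAFTED_USERNAME, "failure")
    hard = log_login_hardened(CRAFTED_USERNAME, "failure")
    print("vulnerable logger, records:", len(parse_records(vuln)),
          "forged admin login:", forged_admin_success(vuln))
    print("hardened logger,   records:", len(parse_records(hard)),
          "forged admin login:", forged_admin_success(hard))
```

The vulnerable writer turns one failed login into three records, the middle of which reads as a successful admin login; the hardened writer emits exactly one record whose `user` field contains the escaped payload, which is also what an analyst would want to see when hunting for injection attempts.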

Man-in-the-Middle Vulnerability in Device Management

Several products, including FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb, are affected by an improper restriction of communication channel to intended endpoints (CWE-923).

The flaw may allow an unauthenticated attacker positioned on the network path between a managed device and its management system (such as FortiCloud or FortiManager) to intercept the authentication request and impersonate the management device. Management traffic that crosses untrusted networks, for example branch devices managed over the internet, is the exposure to review first.

Affected Versions:

  • Vulnerable versions span multiple releases of FortiOS (6.x–7.x), FortiProxy (2.x–7.x), and other products such as FortiVoice and FortiWeb.

Users should upgrade to the fixed versions listed in the advisory. The vulnerability was found internally by Théo Leleu of Fortinet's Product Security team and Stephen Bevan of its Development team.

Unverified Password Change in the FortiSwitch GUI

Fortinet also disclosed an unverified password change vulnerability (CWE-620) in the FortiSwitch web GUI. The issue could allow a remote, unauthenticated attacker to change admin passwords via a specially crafted request, which amounts to a full administrative takeover of any switch whose web interface is reachable.

Affected Versions:

  • Versions 6.4.x through 7.x are vulnerable.

Upgrade to a fixed version or, as a workaround, disable HTTP/HTTPS access on administrative interfaces until the upgrade can be scheduled. Daniel Rozeboom of the FortiSwitch web UI development team was credited with discovering this flaw.
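The workaround above is a per-interface setting, so the practical question is which switches still expose the GUI. The following is an added example (not from the article or Fortinet): it reads a FortiSwitch configuration backup, lists the interfaces whose `allowaccess` includes `http` or `https`, and generates the CLI an administrator would paste to remove them. The sample configuration is constructed; the `config system interface` / `set allowaccess` syntax is standard Fortinet CLI, while the interface names and addresses, and the use of `unset allowaccess` for an interface left with no services, are assumptions.

```python
# Constructed FortiSwitch configuration excerpt (not a real backup).
SAMPLE_CONFIG = """\
config system interface
    edit "mgmt"
        set ip 10.0.0.2 255.255.255.0
        set allowaccess ping https http ssh snmp
    next
    edit "internal"
        set ip 192.168.1.1 255.255.255.0
        set allowaccess ping ssh
    next
end
config system admin
    edit "admin"
        set accprofile "super_admin"
    next
end
"""

# Services that expose the web GUI the advisory's workaround turns off.
WEB_SERVICES = {"http", "https"}


def parse_interfaces(config_text):
    """Map interface name -> set of allowed management services, reading only
    the 'config system interface' section of a Fortinet-style config."""
    ifaces = {}
    in_section = False
    current = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config system interface":
            in_section = True
        elif in_section and line.startswith("edit "):
            current = line[5:].strip().strip('"')
            ifaces[current] = set()
        elif in_section and current and line.startswith("set allowaccess "):
            ifaces[current] = set(line.split()[2:])
        elif in_section and line == "next":
            current = None
        elif in_section and line == "end":
            in_section = False
    return ifaces


def web_exposed_interfaces(config_text):
    """Interfaces on which the GUI (http/https) is reachable."""
    return sorted(name for name, svcs in parse_interfaces(config_text).items()
                  if svcs & WEB_SERVICES)


def workaround_cli(config_text):
    """CLI that strips http/https from every exposed interface, leaving the
    other services (ssh, ping, snmp, ...) as they were."""
    lines = ["config system interface"]
    for name, svcs in parse_interfaces(config_text).items():
        if not svcs & WEB_SERVICES:
            continue
        keep = sorted(svcs - WEB_SERVICES)
        lines.append(f'    edit "{name}"')
        if keep:
            lines.append("        set allowaccess " + " ".join(keep))
        else:
            lines.append("        unset allowaccess")  # assumed syntax
        lines.append("    next")
    lines.append("end")
    return "\n".join(lines)


if __name__ == "__main__":
    print("GUI exposed on:", web_exposed_interfaces(SAMPLE_CONFIG))
    print(workaround_cli(SAMPLE_CONFIG))
```

Run it against each switch's backup before and after applying the change; the generated CLI parses with the same function, so re-checking the output is a quick way to confirm no interface still lists http or https. Disabling the GUI means the switch is then managed over SSH, the console, or a FortiGate acting as its controller.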

Fortinet strongly recommends that customers upgrade affected systems promptly, following the upgrade path from its upgrade tool, or apply the available workarounds where patching is not immediately feasible. Of the four issues, the FortiSwitch password change and the log neutralization flaw require no authentication, so internet- or user-network-facing management interfaces should be prioritized.

The company worked with the external researchers credited above, Vladislav Driev, Oleg Labyntsev, and Alexandre Labb, under responsible disclosure, while the man-in-the-middle and FortiSwitch issues were found by Fortinet's own staff, Théo Leleu, Stephen Bevan, and Daniel Rozeboom.

All of the advisories were published on April 8, 2025.

Users can refer to Fortinet's PSIRT advisories for the exact affected and fixed builds of each product and for detailed upgrade and mitigation guidance.


Gurubaran
