Friday, November 15, 2024
HomeCyber Security NewsNew Fortinet FortiOS Flaw Lets Attacker Execute Arbitrary Code

New Fortinet FortiOS Flaw Lets Attacker Execute Arbitrary Code

Published on

Fortinet has disclosed a critical vulnerability in its FortiOS and FortiProxy captive portal systems, potentially allowing attackers to execute arbitrary code through specially crafted HTTP requests.

This revelation underscores the ongoing challenges in safeguarding digital infrastructures against sophisticated threats.

Technical Breakdown of the Vulnerability

The vulnerability, identified as an out-of-bounds write issue CVE-2023-42789 and a stack-based buffer overflow CVE-2023-42790, affects multiple versions of FortiOS and FortiProxy.

- Advertisement - SIEM as a Service

Specifically, the impacted versions are FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and 6.2.0 through 6.2.15, along with FortiProxy versions 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, and 2.0.0 through 2.0.13.

An attacker with access to the captive portal can exploit these vulnerabilities by sending specially crafted HTTP requests, which can lead to unauthorized code or command execution within the system.

This flaw poses a significant risk, as it could allow attackers to gain control over affected systems, potentially leading to data theft, system compromise, and further network infiltration.

Impact on Users

The implications of this vulnerability are far-reaching, affecting a broad spectrum of Fortinet’s user base.

Organizations utilizing the affected FortiOS and FortiProxy versions are at risk of targeted attacks that could compromise sensitive information and disrupt critical operations.

The vulnerability’s severity is underscored by its potential to allow attackers to execute arbitrary code, which can be leveraged for a wide range of malicious activities.

Affected Products and Versions

The vulnerabilities affect a range of Fortinet products across various versions:

  • FortiOS versions 7.4.0 to 7.4.1
  • FortiOS versions 7.2.0 to 7.2.5
  • FortiOS versions 7.0.0 to 7.0.12
  • FortiOS versions 6.4.0 to 6.4.14
  • FortiOS versions 6.2.0 to 6.2.15
  • FortiProxy version 7.4.0
  • FortiProxy versions 7.2.0 to 7.2.6
  • FortiProxy versions 7.0.0 to 7.0.12
  • FortiProxy versions 2.0.0 to 2.0.13

Solutions and Remediation

Fortinet has released software updates to address these vulnerabilities. Users are urged to upgrade their systems to the following versions or higher:

  • FortiOS version 7.4.2
  • FortiOS version 7.2.6
  • FortiOS version 7.0.13
  • FortiOS version 6.4.15
  • FortiOS version 6.2.16
  • FortiProxy version 7.4.1
  • FortiProxy version 7.2.7
  • FortiProxy version 7.0.13
  • FortiProxy version 2.0.14

Additionally, Fortinet has remediated the issue in FortiSASE version 23.3.b in Q3/23, so customers using this version need not take any further action.

The FMWP database update 23.105 also includes a virtual patch named “FortiOS.Captive.Portal.Out.Of.Bounds.Write.”

The vulnerabilities were internally discovered and reported by Gwendal Guégniaud of the Fortinet Product Security Team.

The initial publication of these findings was on February 27, 2024.

Fortinet customers are advised to review the provided solutions and apply the necessary updates or workarounds to ensure their systems are protected against the potential exploitation of these vulnerabilities.

With Perimeter81 malware protection, you can block malware, including Trojans, ransomware, spyware, rootkits, worms, and zero-day exploits. All are incredibly harmful and can wreak havoc on your network.

Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...

Critical Laravel Vulnerability CVE-2024-52301 Allows Unauthorized Access

CVE-2024-52301 is a critical vulnerability identified in Laravel, a widely used PHP framework for...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Chinese SilkSpecter Hackers Attacking Black Friday Shoppers

SilkSpecter, a Chinese financially motivated threat actor, launched a sophisticated phishing campaign targeting e-commerce...

Cybercriminals Launch SEO Poisoning Attack to Lure Shoppers to Fake Online Stores

The research revealed how threat actors exploit SEO poisoning to redirect unsuspecting users to...

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Basta, a prominent ransomware group, has rapidly gained notoriety since its emergence in...