Fortinet Products Multiple Vulnerabilities

ADVISORY!

TLP : CLEAR

Date : 19/02/2024

REF NO : CERT / 2024/02/14

Severity Level: High

Components Affected

For CVE-2024-21762

FortiOS 7.4 version 7.4.0 through 7.4.2
FortiOS 7.2 version 7.2.0 through 7.2.6
FortiOS 7.0 version 7.0.0 through 7.0.13
FortiOS 6.4 version 6.4.0 through 6.4.14
FortiOS 6.2 version 6.2.0 through 6.2.15
FortiOS 6.0 version all versions
FortiProxy 7.4 version 7.4.0 through 7.4.2
FortiProxy 7.2 version 7.2.0 through 7.2.8
FortiProxy 7.0 version 7.0.0 through 7.0.14
FortiProxy 2.0 version 2.0.0 through 2.0.13
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
FortiProxy 1.0 all versions

For Others CVE

FortiProxy 7.4 version 7.4.0 through 7.4.1
FortiProxy 7.2 version 7.2.0 through 7.2.7
FortiProxy 7.0 all versions
FortiOS 7.4 version 7.4.0 through 7.4.2
FortiOS 7.2 version 7.2.0 through 7.2.6
FortiOS 7.0 all versions
FortiOS 6.4 version 6.4.0 through 6.4.14
FortiOS 6.2 version 6.2.0 through 6.2.15
FortiOS 6.0 all versions
FortiNAC 9.4 version 9.4.0 through 9.4.3
FortiNAC 9.2 all versions
FortiNAC 9.1 all versions
FortiNAC 8.8 all versions
FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
FortiNAC 7.2 version 7.2.0 through 7.2.2
FortiClientEMS 7.2 version 7.2.0 through 7.2.2
FortiClientEMS 7.0 version 7.0.6 through 7.0.10
FortiClientEMS 7.0 version 7.0.0 through 7.0.4
FortiClientEMS 6.4 all versions
FortiClientEMS 6.2 all versions

Overview

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, remote code execution, sensitive information disclosure and cross-site scripting on the targeted system.

Description

A out-of-bounds write vulnerability [CWE-787] in FortiOS and FortiProxy may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests.

CVE-2024-21762

An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiNAC may allow a remote unauthenticated attacker to perform a stored cross site scripting (XSS) attack via the name fields observed in the policy audit logs.

CVE-2023-26206

An improper certificate validation vulnerability [CWE-295] in FortiOS may allow an unauthenticated attacker in a Man-in-the-Middle position to decipher and alter the FortiLink communication channel between the FortiOS device and a FortiSwitch instance.

CVE-2023-47537

An improper privilege management vulnerability [CWE-269] in FortiClientEMS graphical administrative interface may allow an Site administrator with Super Admin privileges to perform global administrative operations affecting other sites via crafted HTTP or HTTPS requests.

CVE-2023-45581

The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly.

CVE-2023-44487

A use of externally-controlled format string vulnerability [CWE-134] in FortiOS fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.

CVE-2024-23113

Impact

Denial of Service
Remote Code Execution
Information Disclosure
Cross-Site Scripting

Solution/ Workarounds

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

For CVE-2024-21762

https://fortiguard.fortinet.com/psirt/FG-IR-24-015

For Others CVE

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Quick Links

Useful Links

Contact

Hotline : 101
+94 11 269 1692
Room 4-112, BMICH, Bauddhaloka Mawatha, Colombo 07, Sri Lanka.
General inquiry: cert@cert.gov.lk
Security incidents: incidents@cert.gov.lk
Social media incidents: report@cert.gov.lk

ADVISORY!