ADVISORY!

TLP : CLEAR

Date : 13/06/2024

REF NO : CERT / 2024/06/54

Fortinet Products Multiple Vulnerabilities

Severity Level: Medium

Components Affected

  • FortiOS version 7.2.0 through 7.2.7
  • FortiOS version 7.0.0 through 7.0.14
  • FortiOS version 6.4 all versions
  • FortiOS version 6.2 all versions
  • FortiOS version 6.0 all versions
  • FortiPAM version 1.2 all versions
  • FortiPAM version 1.1 all versions
  • FortiPAM version 1.0 all versions
  • FortiProxy version 7.4.0 through 7.4.3
  • FortiProxy version 7.2.0 through 7.2.9
  • FortiProxy version 7.0.0 through 7.0.16
  • FortiProxy version 2.0 all versions
  • FortiProxy version 1.2 all versions
  • FortiProxy version 1.1 all versions
  • FortiProxy version 1.0 all versions
  • FortiSwitchManager version 7.2.0 through 7.2.3
  • FortiSwitchManager version 7.0.1 through 7.0.3
  • FortiClientWindows (SSL-VPN) All versions
  • FortiClientWindows (IPsec VPN) All versions
  • FortiClientMac All versions
  • FortiClientLinux All versions

Overview

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

Description

A vulnerability in DHCP allows routes to be added to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can thereby be made to send that traffic over the physical interface instead of the tunnel. Network traffic that is expected to be protected by the VPN is then exposed to attackers on the same local network, who can read, disrupt, or modify it. Additionally, several versions of Fortinet products, including FortiPAM, FortiWeb, FortiAuthenticator, FortiSwitchManager, FortiOS, and FortiProxy, contain a stack-based buffer overflow vulnerability. This flaw allows an attacker to execute unauthorized code or commands on affected versions via specially crafted packets, posing a significant security risk.
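The route-injection mechanism described above can be checked for on the client side by decoding option 121 from a DHCP offer and comparing the pushed routes against the prefixes the VPN is supposed to carry: any pushed route that is strictly more specific than a tunneled prefix wins longest-prefix matching and diverts that traffic to the physical interface. The following is an added example written for this advisory, not code from Sri Lanka CERT or from Fortinet; the option payload, the gateway addresses and the tunnel prefixes are constructed for illustration.

```python
"""Decode DHCP option 121 (RFC 3442 classless static routes) and flag
pushed routes that would pull traffic out of a VPN tunnel.

Added example; not part of the advisory or of any Fortinet code. The
payload bytes and tunnel prefixes used below are constructed."""
import ipaddress
from typing import List, Tuple

Route = Tuple[ipaddress.IPv4Network, ipaddress.IPv4Address]


def parse_option_121(payload: bytes) -> List[Route]:
    """Decode the option body (option code and length bytes already stripped).

    Each entry is: 1 byte prefix length, ceil(prefix/8) significant
    destination octets, then a 4-byte router address."""
    routes: List[Route] = []
    i = 0
    while i < len(payload):
        prefix_len = payload[i]
        if prefix_len > 32:
            raise ValueError(f"invalid prefix length {prefix_len} at offset {i}")
        i += 1
        n_sig = (prefix_len + 7) // 8
        if i + n_sig + 4 > len(payload):
            raise ValueError(f"truncated route entry at offset {i}")
        # Omitted low-order destination octets are implicitly zero.
        dest_octets = payload[i:i + n_sig] + b"\x00" * (4 - n_sig)
        i += n_sig
        router = ipaddress.IPv4Address(payload[i:i + 4])
        i += 4
        # strict=False tolerates non-zero host bits in the significant octets.
        dest = ipaddress.IPv4Network(
            (ipaddress.IPv4Address(dest_octets), prefix_len), strict=False)
        routes.append((dest, router))
    return routes


def routes_bypassing_tunnel(pushed: List[Route], tunneled: List[str]):
    """Return (route, router, tunneled_prefix) for every pushed route that is
    strictly more specific than a prefix the VPN is meant to carry.

    Longest-prefix match sends such traffic out the physical interface no
    matter what metric the tunnel route has. Equal-length prefixes are a
    metric tie and are left for the operator to judge."""
    tunnel_nets = [ipaddress.ip_network(t) for t in tunneled]
    flagged = []
    for dest, router in pushed:
        for tun in tunnel_nets:
            if dest.prefixlen > tun.prefixlen and dest.subnet_of(tun):
                flagged.append((dest, router, tun))
                break
    return flagged


if __name__ == "__main__":
    # Constructed option 121 body: a default route plus two specific routes.
    #   0.0.0.0/0       via 192.168.1.1
    #   10.20.0.0/16    via 192.168.1.254
    #   203.0.113.0/24  via 192.168.1.254
    body = bytes.fromhex("00c0a80101" "100a14c0a801fe" "18cb0071c0a801fe")
    pushed = parse_option_121(body)
    for dest, router in pushed:
        print(f"DHCP pushed {dest} via {router}")
    # Constructed split-tunnel policy: the VPN is expected to carry these.
    for dest, router, tun in routes_bypassing_tunnel(pushed, ["10.0.0.0/8", "203.0.113.0/24"]):
        print(f"WARNING: {dest} via {router} bypasses tunnel prefix {tun}")
```

On a client this check would run against the option bytes taken from the DHCP ACK (or from a packet capture) each time a lease is obtained or renewed; a non-empty result is a reason to drop the lease or alert rather than to install the routes. A parse error is also worth logging, since a malformed option 121 is not something a well-behaved DHCP server sends.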

Impact

  • Security Restriction Bypass
  • Remote Code Execution

Solution / Workarounds

Before installation of the software, please visit the vendor website for more details.

Apply fixes issued by the vendor:

Reference

Disclaimer : The information provided herein is on an “as is” basis, without warranty of any kind.

Sri Lanka Computer Emergency Readiness Team | Coordination Centre

Copyright © 2023 SRI LANKA CERT | CC