Multiple Fortinet Vulnerabilities

Multiple vulnerabilities have been discovered in FortiOS and FortiProxy that were related to administrator cookie leakage, arbitrary command execution and sensitive information exposure.

These vulnerabilities have been assigned with CVEs as CVE-2023-41677, CVE-2023-48784 and CVE-2024-23662.

The severity for these vulnerabilities range between 5 (Medium) to 7.5 (High).

However, these vulnerabilities have been patched accordingly by Fortinet and relevant security advisories have been published for addressing these vulnerabilities

Vulnerability Analysis

This particular vulnerability allows a threat actor to obtain administrator cookies on specific conditions that are probably rare.

Under these conditions, the threat actors can trick the administrator into visiting a malicious attacker-controlled website through SSL-VPN and steal administrator cookies.

This vulnerability exists due to insufficient protection of credentials.

The severity for this vulnerability was given as 7.5 (High) and affects multiple FortiOS and FortiProxy versions.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

CVE-2023-48784: Arbitrary Code Execution In FortiOS

This vulnerability exists due to the use of an externally controlled format string in FortiOS command line interface which allows a threat actor with local super-admin profile and CLI access to execute arbitrary code or commands by using specially crafted requests.

The severity for this vulnerability was given as 6.1 (Medium). Products affected by these vulnerabilities include multiple versions of FortiOS greater than 6.4. 

CVE-2024-23662: Sensitive Information Exposure Vulnerability In FortiOS

An unauthorized and unauthenticated threat actor can exploit this vulnerability and gather sensitive information such as device versions of affected FortiOS versions by using HTTP requests.

The severity for this vulnerability was given as 5.0 (Medium). 

Affected Products And Fixed In Versions

CVEVersionAffectedSolution
CVE-2023-41677FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.4FortiOS 6.2FortiOS 6.0FortiProxy 7.4FortiProxy 7.2FortiProxy 7.0FortiProxy 2.0FortiProxy 1.2FortiProxy 1.1FortiProxy 1.07.4.0 through 7.4.17.2.0 through 7.2.67.0.0 through 7.0.126.4.0 through 6.4.146.2.0 through 6.2.156.0 all versions7.4.0 through 7.4.17.2.0 through 7.2.77.0.0 through 7.0.132.0 all versions1.2 all versions1.1 all versions1.0 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.7 or aboveUpgrade to 7.0.13 or aboveUpgrade to 6.4.15 or aboveUpgrade to 6.2.16 or aboveMigrate to a fixed releaseUpgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveUpgrade to 7.0.14 or aboveMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed releaseMigrate to a fixed release
CVE-2023-48784FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.47.4.0 through 7.4.17.2.0 through 7.2.77.0 all versions6.4 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.8 or aboveMigrate to a fixed releaseMigrate to a fixed release
CVE-2024-23662FortiOS 7.4FortiOS 7.2FortiOS 7.0FortiOS 6.47.4.0 through 7.4.17.2.0 through 7.2.57.0 all versions6.4 all versionsUpgrade to 7.4.2 or aboveUpgrade to 7.2.6 or aboveMigrate to a fixed releaseMigrate to a fixed release

Users of these products are recommended to upgrade to the latest versions to prevent threat actors from exploiting these vulnerabilities.

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.

Eswar is a Cyber security reporter with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is reporting data breach, Privacy and APT Threats.