FortiOS Vulnerability Let Attackers to Execute Unauthorized Commands

Fortinet has disclosed multiple stack-based buffer overflow vulnerabilities (CVE-2024-23110) in FortiOS’s command line interpreter.

These vulnerabilities could allow authenticated attackers to execute unauthorized code or commands. Gwendal Guégniaud of the Fortinet Product Security team discovered and reported these vulnerabilities.

EHA

Affected Versions and Solutions

The vulnerabilities affect several versions of FortiOS. Fortinet has provided the following guidance for affected users:

  • FortiOS 7.4: Versions 7.4.0 through 7.4.2 are affected. Users should upgrade to version 7.4.3 or above.
  • FortiOS 7.2: Versions 7.2.0 through 7.2.6 are affected. Users should upgrade to version 7.2.7 or above.
  • FortiOS 7.0: Versions 7.0.0 through 7.0.13 are affected. Users should upgrade to version 7.0.14 or above.
  • FortiOS 6.4: Versions 6.4.0 through 6.4.14 are affected. Users should upgrade to version 6.4.15 or above.
  • FortiOS 6.2: Versions 6.2.0 through 6.2.15 are affected. Users should upgrade to version 6.2.16 or above.
  • FortiOS 6.0: All versions are affected. Users should migrate to a fixed release.

Fortinet recommends using its upgrade path tool to ensure a smooth transition to the fixed versions. The tool can be accessed at Fortinet’s Upgrade Path Tool.

The vulnerabilities are due to improper handling of command-line arguments in the FortiOS command-line interpreter.

Free Webinar on API vulnerability scanning for OWASP API Top 10 vulnerabilities -> Book Your Spot.

An attacker with authenticated access could exploit these vulnerabilities by sending specially crafted command-line arguments, which could lead to the execution of unauthorized code or commands.

Mitigation and Recommendations

Fortinet advises all users of affected FortiOS versions to upgrade to the recommended versions as soon as possible to mitigate the risk of exploitation.

Users should also follow best practices for network security, including limiting access to the command line interface to trusted users and monitoring for unusual activity.

Using the Upgrade Path Tool

  1. Access the Upgrade Path Tool: Visit Fortinet’s Upgrade Path Tool.
  2. Select Product and Versions: Choose your current FortiGate product, current FortiOS version, and the target FortiOS version.
  3. Follow Recommended Path: The tool will provide a recommended upgrade path. Download all intermediate firmware versions if necessary.

Verify Your FortiOS Version

Log into your FortiGate device to check the current FortiOS version.

Using the GUI:

  1. Log into the FortiGate web interface.
  2. Go to Dashboard > System Information.
  3. Check the Firmware Version field to see the current version of FortiOS.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.