Multiple Fortinet Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-33503 CVSS:6.7

An improper privilege management vulnerability in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, and FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows an attacker to escalate privileges via specific shell commands.

CVE-2024-56497 CVSS:6.5

An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, and FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 allows an attacker to execute unauthorized code or commands via the CLI.

CVE-2023-46715 CVSS:4.7

An origin validation error [CWE-346] vulnerability in Fortinet FortiOS IPSec VPN version 7.4.0 through 7.4.1 and version 7.2.6 and below allows an authenticated IPSec VPN user with dynamic IP addressing to send (but not receive) packets spoofing the IP of another user via crafted network packets.

CVE-2024-35276 CVSS:5

A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows an attacker.

CVE-2024-35275 CVSS:6.5

An improper neutralization of special elements used in an SQL command ('SQL injection') in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and FortiManager version 7.4.0 through 7.4.2 allows an attacker to escalate privileges via specially crafted HTTP requests.

CVE-2022-23439 CVSS:4.4

Fortinet products are vulnerable to HTTP header injection, caused by improper validation of input. By persuading a victim to visit a specially-crafted Web page, a remote attacker could exploit this vulnerability to inject arbitrary HTTP headers.

Impact

  • Privilege Escalation
  • Code Execution
  • Buffer Overflow
  • Data Manipulation
  • Gain Access

Indicators of Compromise

CVE

  • CVE-2024-33503
  • CVE-2024-56497
  • CVE-2023-46715
  • CVE-2024-35276
  • CVE-2024-35275
  • CVE-2022-23439

Affected Vendors

Fortinet

Affected Products

  • Fortinet FortiOS 7.0.5
  • Fortinet FortiOS 7.2.0
  • Fortinet FortiOS 6.4.9
  • Fortinet FortiOS 7.0.0
  • Fortinet FortiManager - 7.4.0 - 7.2.0 - 7.0.0 - 6.4.0
  • Fortinet FortiMail - 7.2.0 - 7.0.0 - 6.4.0
  • Fortinet FortiRecorder - 7.0.0 - 6.4.0
  • Fortinet FortiProxy - 7.4.0 - 7.2.0 - 7.0.0
  • Fortinet FortiOS - 7.4.0 - 7.2.0 - 7.0.0 - 6.4.0 - 6.2.0
  • Fortinet FortiAnalyzer - 7.4.0 - 7.2.0 - 7.0.0 - 6.4.0

Remediation

Upgrade to the latest versions of the affected Fortinet products, available from the Fortinet website.
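As a patch-triage aid added here (example code, not Rewterz's or Fortinet's), the following Python encodes the inclusive affected version ranges stated in the summaries above for the on-premises FortiManager, FortiAnalyzer, FortiMail and FortiRecorder builds and reports which of this advisory's CVEs apply to an installed version. The Cloud ranges, the open-ended FortiOS range of CVE-2023-46715 and the version-less CVE-2022-23439 are left out, and the inventory is constructed sample input.

```python
"""Map installed Fortinet builds to this advisory's CVEs (added example, not
Rewterz or Fortinet code). Ranges below are copied from the CVE summaries."""

# (product, CVE) -> inclusive (first_affected, last_affected) ranges as stated
# in the advisory text. Cloud editions and open-ended ranges are omitted.
AFFECTED = {
    ("FortiManager", "CVE-2024-33503"): [
        ("7.4.0", "7.4.3"), ("7.2.0", "7.2.5"), ("7.0.0", "7.0.12"), ("6.4.0", "6.4.14")],
    ("FortiAnalyzer", "CVE-2024-33503"): [
        ("7.4.0", "7.4.2"), ("7.2.0", "7.2.5"), ("7.0.0", "7.0.12"), ("6.4.0", "6.4.14")],
    ("FortiMail", "CVE-2024-56497"): [
        ("7.2.0", "7.2.4"), ("7.0.0", "7.0.6"), ("6.4.0", "6.4.7")],
    ("FortiRecorder", "CVE-2024-56497"): [("7.0.0", "7.0.0"), ("6.4.0", "6.4.4")],
    ("FortiAnalyzer", "CVE-2024-35276"): [
        ("7.4.0", "7.4.3"), ("7.2.0", "7.2.5"), ("7.0.0", "7.0.12"), ("6.4.0", "6.4.14")],
    ("FortiManager", "CVE-2024-35276"): [
        ("7.4.0", "7.4.3"), ("7.2.0", "7.2.5"), ("7.0.0", "7.0.12"), ("6.4.0", "6.4.14")],
    ("FortiAnalyzer", "CVE-2024-35275"): [("7.4.0", "7.4.2")],
    ("FortiManager", "CVE-2024-35275"): [("7.4.0", "7.4.2")],
}

def parse_version(v: str) -> tuple:
    """Turn '7.0.12' into (7, 0, 12) so comparison is numeric: a string
    comparison would wrongly place '7.0.12' before '7.0.9'."""
    return tuple(int(part) for part in v.split("."))

def is_affected(product: str, version: str) -> list:
    """Return the sorted CVEs from this advisory whose stated ranges include
    the given product version; an empty list means not listed as affected."""
    installed = parse_version(version)
    hits = []
    for (prod, cve), ranges in AFFECTED.items():
        if prod != product:
            continue
        for low, high in ranges:
            if parse_version(low) <= installed <= parse_version(high):
                hits.append(cve)
                break  # one matching range is enough for this CVE
    return sorted(hits)

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = [("FortiManager", "7.0.12"), ("FortiAnalyzer", "7.4.3"),
                 ("FortiMail", "7.2.5"), ("FortiRecorder", "6.4.4")]
    for product, version in inventory:
        cves = is_affected(product, version)
        print(f"{product} {version}: {', '.join(cves) if cves else 'not listed as affected'}")
```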
