

Severity
High
Analysis Summary
CVE-2023-44249 CVSS:4.3
Fortinet FortiManager and FortiAnalyzer could allow a remote authenticated attacker to obtain sensitive information, caused by improper authorization validation. By sending specially crafted HTTP requests, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-41838 CVSS:7.1
Fortinet FortiAnalyzer and FortiManager could allow a local authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands to delete arbitrary files.
CVE-2023-42787 CVSS:6.5
Fortinet FortiManager and FortiAnalyzer could allow a remote authenticated attacker to bypass security restrictions, caused by a client-side enforcement of server-side security vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to access a privileged web console.
CVE-2023-42782 CVSS:5.3
Fortinet FortiAnalyzer could allow a remote attacker to bypass security restrictions, caused by an insufficient verification of data authenticity vulnerability. By sending a specially crafted request, an attacker could exploit this vulnerability to send messages to the syslog server of FortiAnalyzer.
CVE-2023-42791 CVSS:8.8
Fortinet FortiManager and FortiAnalyzer could allow a remote attacker to upload arbitrary files, caused by a relative path traversal vulnerability. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to upload a malicious file, which could allow the attacker to execute arbitrary code on the vulnerable system.
CVE-2023-41679 CVSS:8.5
Fortinet FortiManager could allow a remote authenticated attacker to bypass security restrictions, caused by improper access control in the management interface. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authentication and add and delete CLI scripts on ADOMs they are not a part of.
CVE-2023-25607 CVSS:7.8
Fortinet FortiAnalyzer, Fortinet FortiADC, and Fortinet FortiManager could allow a local authenticated attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability in the wordexp function. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-42788 CVSS:7.8
Fortinet FortiManager and FortiAnalyzer could allow a local authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
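CVE-2023-25607 above is attributed to OS command injection through the wordexp function. The C program below is an added example, not Fortinet's code and not part of the original advisory: it shows the documented POSIX behaviour behind that bug class, where wordexp() performs shell command substitution on its input unless WRDE_NOCMD is set. The helper name expand_one and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <wordexp.h>

/* Hypothetical helper: expand `input` with wordexp() and copy the single
 * resulting word into `out`. Returns 0 on success, a WRDE_* code from
 * wordexp(), or -1 if the result is not exactly one word or does not fit. */
int expand_one(const char *input, int flags, char *out, size_t outlen)
{
    wordexp_t we;
    memset(&we, 0, sizeof we);
    int rc = wordexp(input, &we, flags);
    if (rc != 0) {
        if (rc == WRDE_NOSPACE)
            wordfree(&we);          /* POSIX: partial results may be allocated */
        return rc;
    }
    int ret = -1;
    if (we.we_wordc == 1 && strlen(we.we_wordv[0]) < outlen) {
        strcpy(out, we.we_wordv[0]);
        ret = 0;
    }
    wordfree(&we);
    return ret;
}

int main(void)
{
    /* Constructed sample: a file-name field carrying a $(...) substitution. */
    const char *untrusted = "report_$(echo INJECTED).log";
    char buf[128];

    /* Weak setting: flags = 0, so the embedded command is run by the shell. */
    if (expand_one(untrusted, 0, buf, sizeof buf) == 0)
        printf("flags=0     -> %s\n", buf);

    /* Hardened setting: WRDE_NOCMD turns command substitution into an error. */
    int rc = expand_one(untrusted, WRDE_NOCMD, buf, sizeof buf);
    printf("WRDE_NOCMD  -> %s\n",
           rc == WRDE_CMDSUB ? "rejected (WRDE_CMDSUB)" : "unexpected result");

    /* A plain name still expands normally under WRDE_NOCMD. */
    rc = expand_one("report_2023.log", WRDE_NOCMD, buf, sizeof buf);
    printf("plain name  -> rc=%d %s\n", rc, rc == 0 ? buf : "");
    return 0;
}
```

When reviewing native code for this class of issue, a wordexp() call whose flags argument lacks WRDE_NOCMD and whose input is influenced by a user is the pattern to flag.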
Impact
- Gain Access
- Information Disclosure
- Security Bypass
Indicators Of Compromise
CVE
- CVE-2023-44249
- CVE-2023-41838
- CVE-2023-42787
- CVE-2023-42782
- CVE-2023-42791
- CVE-2023-41679
- CVE-2023-25607
- CVE-2023-42788
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiAnalyzer 6.2.0
- Fortinet FortiAnalyzer 7.0.0
- Fortinet FortiAnalyzer 7.2.0
- Fortinet FortiAnalyzer 6.4
- Fortinet FortiAnalyzer 6.4.0
- Fortinet FortiAnalyzer 7.4.0
- Fortinet FortiAnalyzer 7.2.3
- Fortinet FortiAnalyzer 7.0.8
- Fortinet FortiAnalyzer 6.4.12
- Fortinet FortiAnalyzer 6.2.11
- Fortinet FortiAnalyzer 6.0.10
- Fortinet FortiAnalyzer 6.2.7
- Fortinet FortiAnalyzer 6.4.5
- Fortinet FortiAnalyzer 6.4.6
- Fortinet FortiAnalyzer 6.0.6
- Fortinet FortiAnalyzer 6.4.4
- Fortinet FortiManager 6.4.0
- Fortinet FortiManager 7.2.0
- Fortinet FortiManager 6.2
- Fortinet FortiManager 6.0
- Fortinet FortiManager 7.4.0
- Fortinet FortiManager 7.2.3
- Fortinet FortiManager 7.0.8
- Fortinet FortiManager 6.4.11
- Fortinet FortiManager 6.4.12
- Fortinet FortiManager 6.2.11
- Fortinet FortiManager 7.0.0
- Fortinet FortiManager 7.2.2
- Fortinet FortiManager 7.0.7
- Fortinet FortiManager 6.0.0
- Fortinet FortiManager 6.0.1
- Fortinet FortiManager 6.2.3
- Fortinet FortiManager 6.2.2
- Fortinet FortiManager 6.2.7
- Fortinet FortiManager 6.4.5
- Fortinet FortiManager 6.4.3
- Fortinet FortiManager 6.2.6
- Fortinet FortiManager 6.4.4
- Fortinet FortiManager 7.0.1
- Fortinet FortiManager 6.2.0
- Fortinet FortiManager 6.2.9
- Fortinet FortiManager 6.4.7
- Fortinet FortiManager 7.0.2
- Fortinet FortiADC 6.0.0
- Fortinet FortiADC 6.0.4
- Fortinet FortiADC 6.2.1
- Fortinet FortiADC 6.1.0
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.