Rewterz Threat Advisory – Multiple Fortinet Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-23113 CVSS:9.8

Fortinet FortiOS could allow a remote attacker to execute arbitrary code on the system, caused by the use of externally-controlled format string in the fgfmd daemon. By sending specially crafted requests, an attacker could exploit this vulnerability to execute arbitrary code or commands on the system.

CVE-2023-47537 CVSS:4.8

FortiOS is vulnerable to a man-in-the-middle attack, caused by improper certificate validation. An attacker could exploit this vulnerability to carry out a man-in-the-middle attack on the communication instance between the FortiOS device and a FortiSwitch instance.

CVE-2023-44253 CVSS:5

Fortinet FortiAnalyzer, FortiAnalyzer-BigData, and FortiManager could allow a remote attacker to obtain sensitive information, caused by an observable response discrepancy. By sending multiple requests, an attacker could exploit this vulnerability to enumerate other adoms and device names, and use this information to launch further attacks against the affected system.

Impact

• Gain Access
• Code Execution
• Information Disclosure

Indicators Of Compromise

CVE

• CVE-2024-21762

Affected Vendors

Fortinet

Affected Products

• Fortinet FortiOS 7.2.0
• Fortinet FortiOS 7.0.0
• Fortinet FortiOS 7.4.0
• Fortinet FortiOS 7.0.13
• Fortinet FortiOS 7.2.6
• Fortinet FortiOS 7.4.2
• Fortinet FortiAnalyzer-BigData 7.2.0
• Fortinet FortiAnalyzer-BigData 7.2.5
• Fortinet FortiAnalyzer-BigData 7.0
• Fortinet FortiAnalyzer-BigData 6.4
• Fortinet FortiAnalyzer-BigData 6.2
• Fortinet FortiManager 7.4.1
• Fortinet FortiManager 6.4

Remediation

Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.

CVE-2024-23113

CVE-2023-47537

CVE-2023-44253