

ValleyRAT Delivered Through Sophisticated PNGPlug Loader in Cyber Attacks – Active IOCs
January 21, 2025
PoC Exploit Exposes Security Flaw in TP-Link TL-WR940N Allowing Remote Code Execution
January 21, 2025
Severity
Medium
Analysis Summary
CVE-2023-37937 CVSS:7.6
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiSwitch version 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.7, 6.4.0 through 6.4.13, 6.2.0 through 6.2.7, and 6.0.0 through 6.0.7 allows an attacker to execute unauthorized code or commands via the FortiSwitch CLI.
CVE-2024-50566 CVSS:7.2
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 through 7.4.0, and versions 7.2.1 through 7.2.8, and in FortiManager Cloud versions 7.6.0 through 7.6.1, versions 7.4.0 through 7.4.4, and versions 7.2.2 through 7.2.7, may allow an authenticated remote attacker to execute unauthorized code via crafted FGFM requests.
CVE-2024-32115 CVSS:5.2
Fortinet FortiManager could allow a remote attacker to traverse directories on the system and delete files from the underlying filesystem, caused by an uncontrolled search path element vulnerability.
CVE-2024-46667 CVSS:6.9
An allocation of resources without limits or throttling in Fortinet FortiSIEM 5.3 all versions, 5.4 all versions, 6.x all versions, 7.0 all versions, and 7.1.0 through 7.1.5 may allow an attacker to deny valid TLS traffic by consuming all allotted connections.
CVE-2024-21758 CVSS:6.4
A stack-based buffer overflow in Fortinet FortiWeb versions 7.2.0 through 7.2.7, and 7.4.0 through 7.4.1 may allow a privileged user to execute arbitrary code via specially crafted CLI commands, provided the user is able to evade FortiWeb stack protections.
Impact
- Gain Access
- Code Execution
Indicators of Compromise
CVE
CVE-2023-37937
CVE-2024-50566
CVE-2024-32115
CVE-2024-46667
CVE-2024-21758
Affected Vendors
Affected Products
- Fortinet FortiManager 7.2.0
- Fortinet FortiManager 7.4.0
- Fortinet FortiManager 7.4.2
- Fortinet FortiManager 7.2.5
- Fortinet FortiSwitch: 7.4.0, 7.2.0, 7.0.0, 6.4.0, 6.2.0, 6.0.0
- Fortinet FortiSIEM: 7.1.0, 7.0.0, 6.7.0, 6.6.0, 6.5.0, 6.4.0, 6.3.0, 6.2.0, 6.1.0, 5.4.0, 5.3.0
- Fortinet FortiWeb: 7.4.0, 7.2.0
- Fortinet FortiManager: 7.6.0, 7.4.0, 7.2.1
Remediation
Upgrade to the latest version of the affected Fortinet products, available from the FortiGuard website.
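To decide which devices need the upgrade, the version ranges quoted in the CVE descriptions above can be checked against an asset inventory. The following is an added example, not part of the original advisory or any Fortinet tooling; it covers only the three products with explicit numeric ranges, the inventory and the version-string format are constructed, and it assumes the range written as "7.4.5 through 7.4.0" means the inclusive span between those two versions.

```python
import re

# Ranges transcribed from the CVE descriptions in this advisory.
# Each (first, last) pair is treated as inclusive.
AFFECTED = {
    "FortiSwitch": ("CVE-2023-37937", [("7.4.0", "7.4.0"), ("7.2.0", "7.2.5"),
                                       ("7.0.0", "7.0.7"), ("6.4.0", "6.4.13"),
                                       ("6.2.0", "6.2.7"), ("6.0.0", "6.0.7")]),
    "FortiWeb": ("CVE-2024-21758", [("7.2.0", "7.2.7"), ("7.4.0", "7.4.1")]),
    # Assumption: "7.4.5 through 7.4.0" is the same span with bounds swapped.
    "FortiManager": ("CVE-2024-50566", [("7.6.0", "7.6.1"), ("7.4.5", "7.4.0"),
                                        ("7.2.1", "7.2.8")]),
}

def parse_version(text):
    """Turn '6.4.13' or 'v7.4.1-build0000' into (6, 4, 13) / (7, 4, 1)."""
    m = re.match(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in m.groups())

def affected_by(product, version):
    """Return the CVE id if version is inside a listed range, else None."""
    cve, ranges = AFFECTED.get(product, (None, []))
    v = parse_version(version)
    for first, last in ranges:
        lo, hi = sorted((parse_version(first), parse_version(last)))
        if lo <= v <= hi:  # tuple comparison is numeric, so 6.4.9 < 6.4.13
            return cve
    return None

def triage(inventory):
    """Map hostname -> CVE id for every host that falls in an affected range."""
    hits = {host: affected_by(product, ver) for host, product, ver in inventory}
    return {host: cve for host, cve in hits.items() if cve}

# Constructed sample inventory (hostnames and versions are made up).
INVENTORY = [
    ("sw-core-01", "FortiSwitch", "6.4.9"),   # a plain string compare misses this
    ("sw-edge-02", "FortiSwitch", "6.4.14"),
    ("waf-01", "FortiWeb", "v7.4.1-build0000"),
    ("fmg-01", "FortiManager", "7.4.3"),
    ("fmg-02", "FortiManager", "7.2.0"),
]

if __name__ == "__main__":
    for host, cve in triage(INVENTORY).items():
        print(f"{host}: upgrade required ({cve})")
```

Comparing versions as integer tuples matters here because a string comparison would order 6.4.9 after 6.4.13 and report that switch as unaffected.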