
Multiple Fortinet Products Vulnerabilities

Severity

Medium

Analysis Summary

CVE-2024-27785 CVSS: 5.4

Fortinet FortiAIOps could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by improper neutralization of formula elements in a CSV file. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2024-27783 CVSS: 7.6

Fortinet FortiAIOps is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input. By persuading an authenticated user to visit a malicious website, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, web cache poisoning, and other malicious activities.

CVE-2024-23663 CVSS: 8.8

Fortinet FortiExtender could allow a remote authenticated attacker to gain elevated privileges on the system, caused by improper access control. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to create users with elevated privileges.

CVE-2024-26015 CVSS: 3.7

Fortinet FortiProxy and FortiOS could allow a remote attacker to bypass security restrictions, caused by incorrect parsing of numbers with different radices. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the IP blocklist.
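The radix issue described above is a general class: "127.0.0.1", "0177.0.0.1", "0x7f.0.0.1", "127.1" and "2130706433" are all the same address to an inet_aton-style parser, so a blocklist that compares spellings rather than canonical addresses can be sidestepped. The following is an added defensive example, not Fortinet code and not the vendor's fix; it assumes a blocklist of IPv4 addresses or CIDR ranges and shows a strict parser that accepts only canonical dotted-decimal input and fails closed.

```python
import ipaddress
import re

# Strict dotted-decimal: exactly four decimal octets, no leading zeros, so
# "0177.0.0.1", "0x7f.0.0.1", "127.1" and "2130706433" all fail to match.
_STRICT_IPV4 = re.compile(r"(?:(?:0|[1-9][0-9]{0,2})\.){3}(?:0|[1-9][0-9]{0,2})")

def lenient_ipv4(text):
    """inet_aton-style parsing, shown only to make the point that one address
    has many spellings: octal, hex and short forms are all interpreted."""
    parts = text.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    vals = []
    try:
        for p in parts:
            if p[:2].lower() == "0x":
                vals.append(int(p[2:], 16))   # hexadecimal component
            elif len(p) > 1 and p[0] == "0":
                vals.append(int(p, 8))        # octal component
            else:
                vals.append(int(p, 10))       # decimal component
    except ValueError:
        return None
    head, last = vals[:-1], vals[-1]
    # The last component fills every remaining byte ("127.1" -> 127.0.0.1).
    if any(not 0 <= v < 256 for v in head) or not 0 <= last < 256 ** (4 - len(head)):
        return None
    value = last
    for i, v in enumerate(head):
        value += v << (8 * (3 - i))
    return str(ipaddress.IPv4Address(value))

def canonical_ipv4(text):
    """Accept only strict dotted-decimal IPv4; every other spelling is rejected."""
    if not _STRICT_IPV4.fullmatch(text.strip()):
        return None
    try:
        return str(ipaddress.IPv4Address(text.strip()))
    except ipaddress.AddressValueError:       # e.g. an octet above 255
        return None

def is_blocked(client_ip, blocklist):
    """Canonicalise before comparing, and fail closed: an address that does not
    parse strictly is treated as blocked rather than silently allowed."""
    canon = canonical_ipv4(client_ip)
    if canon is None:
        return True
    addr = ipaddress.IPv4Address(canon)
    return any(addr in ipaddress.IPv4Network(b, strict=False) for b in blocklist)
```

The same canonicalise-then-compare rule applies to allowlists, where failing closed means rejecting the non-canonical spelling rather than admitting it.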

CVE-2024-27782 CVSS: 8.1

Fortinet FortiAIOps could allow a remote attacker to bypass security restrictions, caused by insufficient session expiration. By sending a specially crafted request, an attacker could exploit this vulnerability to re-use stolen old session tokens and perform unauthorized operations.

CVE-2024-33509 CVSS: 4.8

Fortinet FortiWeb is vulnerable to a man-in-the-middle attack, caused by the lack of client-side certificate validation. An attacker could exploit this vulnerability to gain access to the communication channel between endpoints and obtain sensitive information.

Impact

  • Gain Access
  • Privilege Escalation
  • Security Bypass

Indicators of Compromise

CVE

  • CVE-2024-27785
  • CVE-2024-27783
  • CVE-2024-23663
  • CVE-2024-26015
  • CVE-2024-27782
  • CVE-2024-33509

Affected Vendors

Fortinet

Affected Products

  • Fortinet FortiOS 7.2.0
  • Fortinet FortiProxy 7.2.0
  • Fortinet FortiWeb 7.2.1
  • Fortinet FortiProxy 7.4.0
  • Fortinet FortiOS 7.4.3
  • Fortinet FortiAIOps 2.0.0
  • Fortinet FortiExtender 7.4.2
  • Fortinet FortiExtender 7.2.4
  • Fortinet FortiExtender 7.0.4
  • Fortinet FortiProxy 7.4.3

Remediation

Refer to the FortiGuard advisories for patch, upgrade, or suggested workaround information.

  • CVE-2024-27785
  • CVE-2024-27783
  • CVE-2024-23663
  • CVE-2024-26015
  • CVE-2024-27782
  • CVE-2024-33509