A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!

Pierluigi Paganini March 08, 2023

Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution.

Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability to execute arbitrary code on the vulnerable device and trigger a DoS condition on the GUI, by sending specifically crafted requests.

The vulnerability affects the following products:

  • FortiOS version 7.2.0 through 7.2.3
  • FortiOS version 7.0.0 through 7.0.9
  • FortiOS version 6.4.0 through 6.4.11
  • FortiOS version 6.2.0 through 6.2.12
  • FortiOS 6.0, all versions
  • FortiProxy version 7.2.0 through 7.2.2
  • FortiProxy version 7.0.0 through 7.0.8
  • FortiProxy version 2.0.0 through 2.0.11
  • FortiProxy 1.2, all versions
  • FortiProxy 1.1, all versions

The security vendor released the following updates to address the issue:

  • FortiOS version 7.4.0 or above
  • FortiOS version 7.2.4 or above
  • FortiOS version 7.0.10 or above
  • FortiOS version 6.4.12 or above
  • FortiOS version 6.2.13 or above
  • FortiProxy version 7.2.3 or above
  • FortiProxy version 7.0.9 or above
  • FortiProxy version 2.0.12 or above
  • FortiOS-6K7K version 7.0.10 or above
  • FortiOS-6K7K version 6.4.12 or above
  • FortiOS-6K7K version 6.2.13 or above

The company announced that it is not aware of attacks in the wild exploiting this vulnerability.

The advisory includes a list of models for which the flaw’s exploitation can only trigger a DoS condition.

Fortinet also provides a workaround for the flaw, the company recommends disabling the HTTP/HTTPS administrative interface or limiting the IP addresses that can reach the administrative interface.

The security vendor acknowledged Kai Ni from the Burnaby InfoSec team for reporting the flaw.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, FortiOS)

you might also like

leave a comment