top of page

Critical Fortinet Flaws Highlight Importance of Prompt Patching

Critical Fortinet Flaws Highlight Importance of Prompt Patching


Cybersecurity firm Fortinet has issued an advisory warning users of critical security vulnerabilities impacting its FortiClientEMS, FortiOS, and FortiProxy products. These flaws, if left unpatched, could allow remote attackers to execute unauthorized code or commands on affected systems.


The most severe vulnerability, tracked as CVE-2023-48788, affects the FortiClientEMS software and stems from an SQL injection flaw. With a CVSS score of 9.3 out of 10, this issue could enable an unauthenticated attacker to achieve remote code execution as the SYSTEM user on the server. Vulnerable versions include FortiClientEMS 7.2.0 through 7.2.2 (users should upgrade to 7.2.3 or above) and 7.0.1 through 7.0.10 (upgrade to 7.0.11 or above).


Additionally, Fortinet has addressed two other critical vulnerabilities (CVE-2023-42789 and CVE-2023-42790) in its FortiOS and FortiProxy products. With a CVSS score of 9.3, these flaws could allow an attacker with access to the captive portal to execute arbitrary code or commands via specially crafted HTTP requests. The below product versions are impacted by the flaws:


  • FortiOS

  • 7.4.0 through 7.4.1 (Upgrade to FortiOS version 7.4.2 or above)

  • 7.2.0 through 7.2.5 (Upgrade to FortiOS version 7.2.6 or above)

  • 7.0.0 through 7.0.12 (Upgrade to FortiOS version 7.0.13 or above)

  • 6.4.0 through 6.4.14 (Upgrade to FortiOS version 6.4.15 or above)

  • 6.2.0 through 6.2.15 (Upgrade to FortiOS version 6.2.16 or above)

  • FortiProxy

  • 7.4.0 (Upgrade to FortiProxy version 7.4.1 or above)

  • 7.2.0 through 7.2.6 (Upgrade to FortiProxy version 7.2.7 or above)

  • 7.0.0 through 7.0.12 (Upgrade to FortiProxy version 7.0.13 or above)

  • 2.0.0 through 2.0.13 (Upgrade to FortiProxy version 2.0.14 or above)


While there is no evidence of active exploitation of these vulnerabilities, Fortinet appliances have been repeatedly targeted by threat actors in the past. Users are strongly advised to promptly apply the latest updates provided by Fortinet to mitigate the risks associated with these critical flaws.

Cybersecurity researchers at Horizon3.ai plan to release additional technical details and a proof-of-concept (PoC) exploit for the FortiClientEMS vulnerability (CVE-2023-48788) next week.

Fortinet has credited Thiago Santana from the FortiClientEMS development team and the U.K. National Cyber Security Centre (NCSC) for discovering and reporting these vulnerabilities.

Comments


bottom of page