Fortinet addressed a critical heap buffer underflow vulnerability affecting FortiOS and FortiProxy, which can lead to arbitrary code execution.
Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface of FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability by sending specially crafted requests to execute arbitrary code on the vulnerable device and trigger a DoS condition on the GUI.
The vulnerability affects the following products:

- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS version 6.2.0 through 6.2.12
- FortiOS 6.0, all versions
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.8
- FortiProxy version 2.0.0 through 2.0.11
- FortiProxy 1.2, all versions
- FortiProxy 1.1, all versions
The security vendor released the following updates to address the issue:

- FortiOS version 7.4.0 or above
- FortiOS version 7.2.4 or above
- FortiOS version 7.0.10 or above
- FortiOS version 6.4.12 or above
- FortiOS version 6.2.13 or above
- FortiProxy version 7.2.3 or above
- FortiProxy version 7.0.9 or above
- FortiProxy version 2.0.12 or above
- FortiOS-6K7K version 7.0.10 or above
- FortiOS-6K7K version 6.4.12 or above
- FortiOS-6K7K version 6.2.13 or above
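As an added example (not from the advisory or from Fortinet), the script below encodes the affected ranges listed above and flags inventory entries that still run a vulnerable build; the hostnames and versions in the sample inventory are constructed.

```python
"""Flag FortiOS / FortiProxy builds that fall inside the CVE-2023-25610
affected ranges quoted in the advisory. Added example, not Fortinet's tooling."""
import csv
import io

# (product, first affected, last affected); None = every release on that branch
AFFECTED = [
    ("FortiOS", "7.2.0", "7.2.3"), ("FortiOS", "7.0.0", "7.0.9"),
    ("FortiOS", "6.4.0", "6.4.11"), ("FortiOS", "6.2.0", "6.2.12"),
    ("FortiOS", "6.0", None),
    ("FortiProxy", "7.2.0", "7.2.2"), ("FortiProxy", "7.0.0", "7.0.8"),
    ("FortiProxy", "2.0.0", "2.0.11"),
    ("FortiProxy", "1.2", None), ("FortiProxy", "1.1", None),
]

def parse_version(text):
    """'7.0.9' -> (7, 0, 9). Non-numeric input raises ValueError."""
    return tuple(int(p) for p in text.strip().split("."))

def is_affected(product, version):
    """True when version lies inside an advisory range for that product."""
    v = parse_version(version)
    for prod, low, high in AFFECTED:
        if prod.lower() != product.lower():
            continue
        lo = parse_version(low)
        if high is None:
            # whole branch listed (e.g. FortiOS 6.0): match on the branch prefix
            if v[:len(lo)] == lo:
                return True
        elif lo <= v <= parse_version(high):
            return True
    return False

# Constructed inventory: hostnames and versions are made up for the example.
INVENTORY_CSV = """host,product,version
fw-edge-01,FortiOS,7.0.9
fw-edge-02,FortiOS,7.0.10
fw-lab-01,FortiOS,6.0.14
proxy-01,FortiProxy,7.2.2
proxy-02,FortiProxy,2.0.12
"""

def triage(inventory_csv):
    """Return the hosts still on an affected build, in inventory order."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return [r["host"] for r in rows if is_affected(r["product"], r["version"])]

if __name__ == "__main__":
    for host in triage(INVENTORY_CSV):
        print(f"{host}: affected by CVE-2023-25610, patch or restrict admin access")
```

FortiOS-6K7K appears only in the fixed-version list, so it is not modelled here; versions must include the patch level (e.g. 7.0.9, not 7.0) to be compared against a range.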
The company announced that it is not aware of attacks in the wild exploiting this vulnerability.
The advisory includes a list of models for which the flaw’s exploitation can only trigger a DoS condition.
Fortinet also provides a workaround for the flaw: the company recommends disabling the HTTP/HTTPS administrative interface or limiting the IP addresses that can reach it.
The security vendor acknowledged Kai Ni from the Burnaby InfoSec team for reporting the flaw.