New Vulnerability Found in FortiOS and FortiProxy 

Fortinet has released updates to address 15 security flaws, one of which is a critical vulnerability affecting FortiOS and FortiProxy that could allow a threat actor to take control of impacted systems. The vulnerability, tracked as CVE-2023-25610, has been assigned a severity rating of 9.3 out of 10 and was discovered and reported by Fortinet's own security teams.

Fortinet's advisory describes the vulnerability as a buffer underwrite issue in the administrative interface of FortiOS and FortiProxy, which could enable an unauthenticated, remote attacker to execute arbitrary code on the device or cause a denial of service (DoS) against the GUI by sending specifically crafted requests.

When the space reserved for a buffer is larger than the input data written to it, underflow bugs (buffer underruns) can occur, resulting in unpredictable behavior or the inadvertent disclosure of sensitive data from memory.

Additional potential outcomes involve memory corruption that could be exploited to cause a crash or perform unauthorized code execution. 

According to Fortinet, there are no reports of the vulnerability being exploited in the wild. However, given how often earlier software vulnerabilities have been exploited, users should install the patches promptly.

The following versions of FortiOS and FortiProxy are impacted by the vulnerability:

  • FortiOS version 7.2.0 through 7.2.3 
  • FortiOS version 7.0.0 through 7.0.9 
  • FortiOS version 6.4.0 through 6.4.11 
  • FortiOS version 6.2.0 through 6.2.12 
  • FortiOS 6.0 all versions 
  • FortiProxy version 7.2.0 through 7.2.2 
  • FortiProxy version 7.0.0 through 7.0.8 
  • FortiProxy version 2.0.0 through 2.0.11 
  • FortiProxy 1.2 all versions 
  • FortiProxy 1.1 all versions 

Fixes are available in FortiOS versions 6.2.13, 6.4.12, 7.0.10, 7.2.4, and 7.4.0; FortiOS-6K7K versions 6.2.13, 6.4.12, and 7.0.10; and FortiProxy versions 2.0.12 and 7.0.9.
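As an added defensive check (not Fortinet's code and not part of the advisory), the affected ranges listed above can be encoded so that an inventory of firmware strings is screened automatically. The longer version format shown by `get system status` is an assumption about the input, and the sample inventory at the bottom is constructed.

```python
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int, int]

# Affected ranges from the advisory summary above, inclusive on both ends.
# An upper bound of None means every release of that branch is affected
# (the advisory lists "all versions" and no fixed release for it).
AFFECTED: Dict[str, List[Tuple[Version, Optional[Version]]]] = {
    "FortiOS": [
        ((7, 2, 0), (7, 2, 3)),
        ((7, 0, 0), (7, 0, 9)),
        ((6, 4, 0), (6, 4, 11)),
        ((6, 2, 0), (6, 2, 12)),
        ((6, 0, 0), None),
    ],
    "FortiProxy": [
        ((7, 2, 0), (7, 2, 2)),
        ((7, 0, 0), (7, 0, 8)),
        ((2, 0, 0), (2, 0, 11)),
        ((1, 2, 0), None),
        ((1, 1, 0), None),
    ],
}


def parse_version(text: str) -> Version:
    """Turn "7.2.3" or the assumed "get system status" form
    "v7.2.3,build1262,230207 (GA)" into (major, minor, patch)."""
    core = text.strip().split(",")[0].split(" ")[0].lstrip("vV")
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(product: str, version: str) -> bool:
    """True if this product/version falls inside an affected range."""
    v = parse_version(version)
    for low, high in AFFECTED[product]:
        if v[:2] != low[:2]:          # different major.minor branch
            continue
        return high is None or low <= v <= high
    # Branches not listed above (e.g. FortiOS 7.4) already carry the fix.
    return False


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    for product, ver in [("FortiOS", "v7.0.9,build0444,230117 (GA)"),
                         ("FortiOS", "7.4.0"), ("FortiProxy", "1.2.13")]:
        print(product, ver, "AFFECTED" if is_affected(product, ver) else "ok")
```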

Fortinet suggests two workarounds for users who cannot patch immediately: disable the HTTP/HTTPS administrative interface, or restrict the IP addresses that are allowed to reach it.

A few weeks earlier, the network security company released fixes for 40 vulnerabilities, two of which are rated Critical and affect the FortiNAC (CVE-2022-39952) and FortiWeb (CVE-2021-42756) products. Details of those vulnerabilities have now been disclosed.

ESOF VMDR enables the detection of vulnerabilities 

ESOF is a cutting-edge vulnerability management technology that finds and fixes vulnerabilities such as CVE-2023-25610 across the whole IT stack. ESOF VMDR is used as protection against malicious online attacks. Once installed on a system, it automatically prioritizes vulnerabilities, checks for them immediately, and keeps scanning for them continuously.

ESOF VMDR improves an enterprise's security posture by identifying vulnerable assets, calculating a cyber risk score, and offering auto-prioritization and auto-remediation. In addition, it runs scheduled scans of the entire environment across web, mobile, SCR, and infrastructure, and singles out the vulnerabilities that pose a severe threat to the system.

Our new ESOF Prediction function predicts the number of vulnerabilities expected in the following month. You can read more about it in our ESOF Prediction solution brief.

The foundation of TAC's ESOF prediction model is that risk stems not from vulnerabilities themselves but from the attackers who take advantage of them. Network vulnerabilities are so prevalent that businesses need help staying current. If you can predict which vulnerabilities will appear in the coming month, you can protect your system against the attacks that rely on them.

Download the ESOF VMDR datasheet to learn more.
