ENGLISH Search Menu
Alerts & News Security Alerts Security News

SECURITY ALERTS

A Vulnerability (CVE-2023-25610) Exists in Fortinet FortiNAC Allowing for Arbitrary Code Execution or DdoS Attack

DESCRIPTION:
A buffer underwrite ('buffer underflow') vulnerability(CVE-2023-25610) in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests.

 

AFFECTED RELEASES:
FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.9
FortiOS version 6.4.0 through 6.4.11
FortiOS version 6.2.0 through 6.2.12
FortiOS 6.0 all versions
FortiProxy version 7.2.0 through 7.2.2
FortiProxy version 7.0.0 through 7.0.8
FortiProxy version 2.0.0 through 2.0.12
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions

Even when running a vulnerable FortiOS version, the hardware devices listed below are *only* impacted by the DoS part of the issue, *not* by the arbitrary code execution (non-listed devices are vulnerable to both):
FortiGateRugged-100C
FortiGate-100D
FortiGate-200C
FortiGate-200D
FortiGate-300C
FortiGate-3600A
FortiGate-5001FA2
FortiGate-5002FB2
FortiGate-60D
FortiGate-620B
FortiGate-621B
FortiGate-60D-POE
FortiWiFi-60D
FortiWiFi-60D-POE
FortiGate-300C-Gen2
FortiGate-300C-DC-Gen2
FortiGate-300C-LENC-Gen2
FortiWiFi-60D-3G4G-VZW
FortiGate-60DH
FortiWiFi-60DH
FortiGateRugged-60D
FortiGate-VM01-Hyper-V
FortiGate-VM01-KVM
FortiWiFi-60D-I
FortiGate-60D-Gen2
FortiWiFi-60D-J
FortiGate-60D-3G4G-VZW
FortiWifi-60D-Gen2
FortiWifi-60D-Gen2-J
FortiWiFi-60D-T
FortiGateRugged-90D
FortiWifi-60D-Gen2-U
FortiGate-50E
FortiWiFi-50E
FortiGate-51E
FortiWiFi-51E
FortiWiFi-50E-2R
FortiGate-52E
FortiGate-40F
FortiWiFi-40F
FortiGate-40F-3G4G
FortiWiFi-40F-3G4G
FortiGate-40F-3G4G-NA
FortiGate-40F-3G4G-EA
FortiGate-40F-3G4G-JP
FortiWiFi-40F-3G4G-NA
FortiWiFi-40F-3G4G-EA
FortiWiFi-40F-3G4G-JP
FortiGate-40F-Gen2
FortiWiFi-40F-Gen2

 

SOLUTION:
1. Users and system administrators of affected products are advised to apply the security updates:
(1) Please upgrade to FortiOS version 7.4.0, 7.2.4, 7.0.10, 6.4.12 and 6.2.13 or above
(2) Please upgrade to FortiProxy version 7.2.3 and 7.0.9 or above
(3) Please upgrade to FortiOS-6K7K version 7.0.10, 6.4.12 and 6.2.13 or above
2. If you can’t update to the latest version, please refer to the Fortinet official webpage for the” Workaround” part, and take action below:
(1) Disable HTTP/HTTPS administrative interface
(2) Limit IP addresses that can reach the administrative interface

 

REFERENCE:
1. https://www.fortiguard.com/psirt/FG-IR-23-001
2. https://www.helpnetsecurity.com/2023/03/09/cve-2023-25610/

 Back To Top