Fortinet released security advisories for 40 vulnerabilities to inform customers of available security patches. Affected Fortinet products include FortiWeb, FortiOS, FortiNAC, and FortiProxy, among others. Two of the vulnerabilities are rated Critical, 15 are rated High, 22 are rated Medium, and one is rated Low in severity.
CVE-2022-39952 (CVSS score: 9.8) is a severe bug in the FortiNAC solution that could lead to arbitrary code execution. It can be exploited by an unauthenticated attacker to write arbitrary files on the system and achieve remote code execution with the highest privileges. Organizations using FortiNAC 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, and all versions on the 8.8, 8.7, 8.6, 8.5, and 8.3 branches are urged prioritize applying the available security updates (FG-IR-22-300). Additionally, researchers from Horizon3 have recently released a PoC exploit code that is available on the company’s Github repository. FortiNAC administrators are strongly recommended to immediately upgrade to a version of the product that is not affected by the CVE-2022-39952 vulnerability.
The second flaw, CVE-2021-42756 (CVSS score: 9.3), was discovered more than one year ago and is a set of stack-based buffer overflow in FortWeb’s proxy daemon that could allow an unauthenticated remote attacker to achieve arbitrary code execution via specially crafted HTTP requests. It has been fixed (FG-IR-21-186) in FortiWeb version 7.0.0 or above, 6.3.17 or above, 6.2.7 or above, 6.1.3 or above, and 6.0.8 or above.
Affected Software
See: PSIRT Advisories.
Recommendation
Organizations are recommended to view the PSIRT Advisories and apply available security updates for affected products.
Resources & Related Articles
