Advisory

Fortinet releases fix for critical flaw in FortiNAC zero-trust product

Take action: This vulnerability deserves overtime and weekend work. When the software you rely on to keep unauthorized devices off your network is itself critically vulnerable, your entire network is exposed. Patch FortiNAC immediately.


Learn More

Fortinet released a warning on Friday about a critical vulnerability in its FortiNAC zero-trust network access product. The flaw could allow an unauthenticated remote attacker to execute arbitrary code.

The flaw is a deserialization of untrusted data: an attacker who can reach the service listening on tcp/1050 can send specially crafted requests that cause the appliance to execute unauthorized code or commands.

The vulnerability, tracked as CVE-2023-33299, has a CVSSv3 score of 9.6, placing it in the critical severity range.

The FortiNAC product is described on the company's website as a solution for zero-trust access, providing oversight and protection for all digital assets connected to enterprise networks, encompassing IT, IoT, OT/ICS, and IoMT devices.

Security analysts have found more than 10,400 FortiNAC systems exposed on the public internet via Shodan that may be vulnerable to this flaw. Shodan shows exposure, not patch level, so any instance whose tcp/1050 service is reachable from untrusted networks should be treated as at risk until it is confirmed to be running a fixed release.

The vulnerability affects multiple versions of FortiNAC. Fixed versions are:

  • 9.4.3 or above,
  • 9.2.8 or above,
  • 9.1.10 or above,
  • 7.2.2 or above.

The 8.x branches will not receive a fix; installations on 8.x must be migrated to one of the fixed branches above.
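To turn the list above into a repeatable check across an estate of FortiNAC appliances, the following Python helper classifies each reported version as fixed, vulnerable, on an unfixed 8.x branch, or on a branch the advisory does not list. This is an added example, not Fortinet code or a Fortinet tool; it assumes version strings of the form major.minor.patch (an optional leading "v" and any trailing build suffix are ignored), treats every major-8 release as unfixed, and uses a constructed inventory rather than real hosts.

```python
"""Triage helper for CVE-2023-33299: map FortiNAC version strings to the
fixed releases named in the advisory (9.4.3, 9.2.8, 9.1.10, 7.2.2; no fix
for 8.x). Added example, not a Fortinet tool."""
import re

# Minimum fixed build per branch, taken from the advisory.
FIXED_MIN = {
    (9, 4): (9, 4, 3),
    (9, 2): (9, 2, 8),
    (9, 1): (9, 1, 10),
    (7, 2): (7, 2, 2),
}

# Assumption: "8.x will not receive a fix" covers every major-8 release.
UNFIXED_MAJOR = 8

# Accepts "9.4.2", "v9.4.2", "9.4.2-build0123"; rejects anything else so a
# malformed inventory entry is surfaced instead of silently marked safe.
_VERSION_RE = re.compile(r"\s*v?(\d+)\.(\d+)\.(\d+)(?:[.\-+].*)?\s*")


def parse_version(text):
    """Return (major, minor, patch) as ints, or raise ValueError."""
    m = _VERSION_RE.fullmatch(text)
    if not m:
        raise ValueError(f"unrecognised FortiNAC version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def assess(text):
    """Classify one version string.

    Returns 'fixed', 'vulnerable', 'no_fix_available' (8.x) or
    'not_listed' (a branch the advisory does not mention; do not assume
    it is safe, confirm with the vendor).
    """
    version = parse_version(text)
    if version[0] == UNFIXED_MAJOR:
        return "no_fix_available"
    branch = version[:2]
    if branch not in FIXED_MIN:
        return "not_listed"
    # Tuple comparison is lexicographic, so 9.4.10 >= 9.4.3 holds correctly
    # (a naive string compare would get this wrong).
    return "fixed" if version >= FIXED_MIN[branch] else "vulnerable"


# Constructed sample inventory (hostname, reported version); not real hosts.
INVENTORY = [
    ("nac-hq-01", "9.4.2"),
    ("nac-hq-02", "9.4.3"),
    ("nac-dc-01", "9.1.9"),
    ("nac-lab-01", "8.8.2"),
    ("nac-dc-02", "7.2.2"),
    ("nac-old-01", "9.3.1"),
]


def triage(inventory):
    """Group hostnames by assessment so the patch queue is obvious."""
    report = {}
    for host, version in inventory:
        report.setdefault(assess(version), []).append(host)
    return report


if __name__ == "__main__":
    for status, hosts in sorted(triage(INVENTORY).items()):
        print(f"{status:17s} {', '.join(hosts)}")
```

Hosts that land in "vulnerable" go to the top of the patch queue; "no_fix_available" hosts need a branch migration rather than a point upgrade; "not_listed" is deliberately not treated as safe.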

Several security groups consider the flaw more serious than its 9.6 score suggests, arguing it merits 9.9 or higher given the level of control it hands an attacker. They also expect it to be chained with other weaknesses as one component of larger, multi-stage attacks.
