Fortinet reports two critical and three high severity issues, plan to patch
Take action: One more patch effort for Fortinet products. Put high priority on ForticlientEMS, FortiOS and FortiProxy captive portal. Fortinet is a common target of attacks, so don't delay.
Learn More
Fortinet has disclosed a series of vulnerabilities across several of their products, with two rated as "critical" and others marked as "high" severity, leading to an advisory warning issued by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). These vulnerabilities affect a range of Fortinet products, including FortiClient EMS (Enterprise Management Server), FortiManager, FortiOS, and FortiProxy.
The critical issues are as follows:
- CVE-2023-48788 (CVSS score 9.3), allows a remote and unauthenticated attacker to execute arbitrary commands on the admin workstation by creating malicious log entries.
- CVE-2023-42789 and CVE-2023-42790 (CVSS score 9.3), affects FortiOS and FortiProxy's captive portal through an out-of-bounds write flaw and buffer overflow vulnerability, respectively. These could let an attacker with access to the captive portal execute arbitrary code via specially crafted HTTP requests.
For each issue Fortinet has advised the latest patched version of the software that users should upgrade to.
In addition to these, three "high" severity vulnerabilities were disclosed, affecting FortiClientEMS, FortiManager, and both FortiOS and FortiProxy SSLVPN.
While Fortinet has not confirmed any exploitations of these vulnerabilities in attacks so far, the disclosure of these vulnerabilities underscores the importance of applying security updates promptly to mitigate potential risks.
