Fortinet has released a security update for FortiOS to address CVE-2024-23110, a vulnerability that could allow remote code execution.
FortiOS security update
Fortinet has announced the release of a security update for FortiOS.
The update fixes a vulnerability that could allow a malicious actor to take control of Fortinet products running affected versions of FortiOS. The attacker obtains the same level of privilege as the account whose session was used in the attack. Depending on those privileges, the attacker may be able to install programs; view, change, or delete data; or create new accounts with full user rights. Where the compromised account was configured with low privileges on the system, the impact is smaller than for an account configured with administrative rights.
CVE-2024-23110 (Multiple buffer overflows in diag npu command) has a CVSSv3 base score of 7.4. It consists of multiple stack-based buffer overflows in the FortiOS command line interpreter. An authenticated remote attacker can exploit them to execute unauthorized code or commands by sending specially crafted command line arguments.
Affected software is as follows:
● FortiOS 7.4 versions 7.4.0 to 7.4.2.
● FortiOS 7.2 versions 7.2.0 to 7.2.6.
● FortiOS 7.0 versions 7.0.0 to 7.0.13.
● FortiOS 6.4 versions 6.4.0 to 6.4.14.
● FortiOS 6.2 versions 6.2.0 to 6.2.15.
● FortiOS 6.0, all versions.
This vulnerability is a risk to organizations using Fortinet products running affected versions of FortiOS, and steps must be taken to mitigate it. At the time this report was issued (June 19, 2024, 1:00 p.m.), no proof-of-concept (PoC) code for this vulnerability had been found, and no reports of attacks exploiting it had been seen on the internet. Note that exploitation requires an authenticated session on the FortiOS CLI, so the accounts that can reach the CLI are the ones that matter when assessing exposure; this limits who can attack but does not reduce the need to patch.
How to fix
Organizations running products affected by this vulnerability are advised to apply the vendor's (Fortinet's) update promptly, after installing it on the organization's test systems and verifying that functionality is unaffected, in accordance with the organization's technical vulnerability management policy, as follows:
○ Update FortiOS 7.4 to version 7.4.3 or later. With details at
○ Update FortiOS 7.2 to version 7.2.7 or later. With details at
○ Update FortiOS 7.0 to version 7.0.14 or later. With details at
○ Update FortiOS 6.4 to version 6.4.15 or later. With details at
○ Update FortiOS 6.2 to version 6.2.16 or later. With details at
○ For FortiOS 6.0 (all versions), Fortinet recommends migrating to a fixed release in a newer branch.
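The following is an added example, not code from the advisory or from Fortinet: a small triage script that checks a FortiOS version string against the affected and fixed versions listed above for CVE-2024-23110. The branch table is taken from this page; the `get system status` sample lines are constructed for illustration and the function and variable names are assumptions.

```python
import re

# Affected ranges for CVE-2024-23110 per the advisory above, keyed by branch:
# (first affected, last affected, first fixed). FortiOS 6.0 has no fixed
# build; the vendor recommends migrating to a fixed release in a newer branch.
AFFECTED = {
    (7, 4): ((7, 4, 0), (7, 4, 2), (7, 4, 3)),
    (7, 2): ((7, 2, 0), (7, 2, 6), (7, 2, 7)),
    (7, 0): ((7, 0, 0), (7, 0, 13), (7, 0, 14)),
    (6, 4): ((6, 4, 0), (6, 4, 14), (6, 4, 15)),
    (6, 2): ((6, 2, 0), (6, 2, 15), (6, 2, 16)),
    (6, 0): ((6, 0, 0), None, None),
}


def parse_version(text):
    """Extract (major, minor, patch) from '7.4.2', 'v7.4.2,build2571' or a
    whole 'Version:' line from 'get system status'."""
    m = re.search(r"v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(x) for x in m.groups())


def assess(text):
    """Return (status, recommendation) for CVE-2024-23110.
    status is 'affected', 'not affected' or 'unknown' (branch not listed)."""
    v = parse_version(text)
    branch = v[:2]
    if branch not in AFFECTED:
        return ("unknown", "branch not listed in the advisory; check FG-IR-23-460")
    low, high, fixed = AFFECTED[branch]
    if high is None:
        return ("affected", "FortiOS 6.0 has no fixed build; migrate to a fixed release")
    if low <= v <= high:
        return ("affected", "upgrade to %d.%d.%d or later" % fixed)
    return ("not affected", "version is at or above the fixed build")


def triage(status_lines):
    """Map hostname -> (status, recommendation) for a dict of
    hostname -> 'Version:' line collected from each device."""
    return {host: assess(line) for host, line in status_lines.items()}


if __name__ == "__main__":
    # Constructed sample inventory, assumed to follow the 'Version:' line
    # format of 'get system status'; not real device output.
    inventory = {
        "fw-edge-01": "Version: FortiGate-100F v7.4.2,build2571,231219 (GA.F)",
        "fw-edge-02": "Version: FortiGate-100F v7.4.3,build2573,240201 (GA.F)",
        "fw-branch-07": "Version: FortiGate-60F v6.0.17,build0419,230608 (GA)",
    }
    for host, (status, advice) in triage(inventory).items():
        print(f"{host:14} {status:13} {advice}")
```

Run it against the `Version:` line of each device's `get system status` output; anything reported as `affected` needs the upgrade listed, and `unknown` means the branch is outside the advisory's table and should be checked against FG-IR-23-460 directly rather than assumed safe.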
Reference: FortiGuard - PSIRT Advisories | FortiGuard Labs https://fortiguard.fortinet.com/psirt/FG-IR-23-460