Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux.
Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux.
The vulnerability is an Improper Control of Generation of Code (‘Code Injection’) issue that resides in FortiClientLinux. An unauthenticated attacker can trigger the flaw to execute arbitrary code by tricking a FortiClientLinux user into visiting a specially crafted website.
“An Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.” reads the advisory published by Fortinet.
Below are the impacted versions and the one released by the company to fix the issue.
Version | Affected | Solution |
---|---|---|
FortiClientLinux 7.2 | 7.2.0 | Upgrade to 7.2.1 or above |
FortiClientLinux 7.0 | 7.0.6 through 7.0.10 | Upgrade to 7.0.11 or above |
FortiClientLinux 7.0 | 7.0.3 through 7.0.4 | Upgrade to 7.0.11 or above |
The vulnerability was reported to Fortinet by the security researcher CataLpa from Dbappsecurity.
Fortinet did not reveal if this vulnerability is actively exploited in attacks in the wild.
US CISA published an alert to warn Fortinet users of the security updates released by the vendor to address multiple vulnerabilities in its products, including OS and FortiProxy.
“Fortinet released security updates to address vulnerabilities in multiple products, including OS and FortiProxy. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.” reads the alert that encourages users and administrators to review the following advisories and apply necessary updates:
- FR-IR-23-345 FortiClientMac – Lack of configuration file validation
- FG-IR-23-493 FortiOS & FortiProxy – Administrator cookie leakage
- FG-IR-23-087 FortiClient Linux – Remote Code Execution due to dangerous nodejs configuration
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Fortinet)