FortiOS Vulnerability Let Attackers Execute Unauthorized Commands
Fortinet has disclosed a pair of stack-primarily primarily based buffer overflow vulnerabilities (CVE-2024-23110) in FortiOS’s show line interpreter.
These vulnerabilities would possibly per chance per chance allow authenticated attackers to achieve unauthorized code or instructions. Gwendal Guégniaud of the Fortinet Product Security crew realized and reported these vulnerabilities.
Affected Versions and Choices
The vulnerabilities affect various versions of FortiOS. Fortinet has supplied the next steering for affected users:
- FortiOS 7.4: Versions 7.4.0 through 7.4.2 are affected. Customers ought to silent toughen to model 7.4.3 or above.
- FortiOS 7.2: Versions 7.2.0 through 7.2.6 are affected. Customers ought to silent toughen to model 7.2.7 or above.
- FortiOS 7.0: Versions 7.0.0 through 7.0.13 are affected. Customers ought to silent toughen to model 7.0.14 or above.
- FortiOS 6.4: Versions 6.4.0 through 6.4.14 are affected. Customers ought to silent toughen to model 6.4.15 or above.
- FortiOS 6.2: Versions 6.2.0 through 6.2.15 are affected. Customers ought to silent toughen to model 6.2.16 or above.
- FortiOS 6.0: All versions are affected. Customers ought to silent migrate to a mounted open.
Fortinet recommends the usage of its toughen path instrument to be sure a soft transition to the mounted versions. The instrument is inclined to be accessed at Fortinet’s Upgrade Path Tool.
The vulnerabilities are resulting from inaccurate handling of show-line arguments within the FortiOS show-line interpreter.
An attacker with authenticated accumulate admission to would possibly per chance per chance exploit these vulnerabilities by sending specially crafted show-line arguments, which would possibly per chance per chance consequence within the execution of unauthorized code or instructions.
Mitigation and Options
Fortinet advises all users of affected FortiOS versions to toughen to the commended versions as soon as that it is seemingly you’ll also imagine to mitigate the likelihood of exploitation.
Customers ought to silent also apply simplest practices for community security, including limiting accumulate admission to to the show line interface to trusted users and monitoring for unfamiliar assert.
Utilizing the Upgrade Path Tool
- Salvage entry to the Upgrade Path Tool: Visit Fortinet’s Upgrade Path Tool.
- Pick Product and Versions: Settle on your recent FortiGate product, recent FortiOS model, and the aim FortiOS model.
- Apply Advised Path: The instrument will present a commended toughen path. Download all intermediate firmware versions if an vital.
Take a look at Your FortiOS Model
Log into your FortiGate tool to ascertain the recent FortiOS model.
Utilizing the GUI:
- Log into the FortiGate web interface.
- Walk to Dashboard > Plot Files.
- Take a look at the Firmware Model field to glimpse the sizzling model of FortiOS.
Source credit : cybersecuritynews.com