Fortinet Patches Critical Vulnerabilities in FortiOS, New Vulnerabilities Discovered

Fortinet has recently addressed several critical vulnerabilities in its FortiOS operating system, including CVE-2024-23110, CVE-2024-26010, and CVE-2023-46720, while CVE-2024-3661 remains under analysis. These vulnerabilities could allow remote attackers to execute arbitrary code, gain unauthorized access, or disrupt services, making timely patching essential.

CVE-2024-23110: Critical Code Execution Vulnerability

Overview: CVE-2024-23110 is a critical stack-based buffer overflow vulnerability in FortiOS. This flaw allows remote attackers to execute unauthorized code or commands via specially crafted commands, potentially leading to a complete system compromise.

• Exploitation: This vulnerability is exploited by sending specially crafted commands to the FortiOS system, which mishandles the input and allows execution of arbitrary code with elevated privileges.
• Affected Versions: FortiOS 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, and all versions of 6.0.
• Fixes: The issue has been resolved in FortiOS versions 7.4.3, 7.2.7, 7.0.14, 6.4.15, and 6.2.16.

CVE-2024-26010: Stack-Based Buffer Overflow

Overview: CVE-2024-26010 is a critical stack-based buffer overflow vulnerability affecting multiple Fortinet products. This includes FortiPAM, FortiWeb, FortiAuthenticator, FortiSwitchManager, FortiOS, and FortiProxy. The vulnerability allows attackers to execute unauthorized code or commands via specially crafted packets.

• Exploitation: This vulnerability is exploited by sending specially crafted packets to the affected systems, which mishandle the input and allow execution of arbitrary code with elevated privileges.
• Affected Versions:
  • FortiPAM: Versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3
  • FortiWeb, FortiAuthenticator, FortiSwitchManager: Versions 7.2.0 through 7.2.3, 7.0.1 through 7.0.3
  • FortiOS: Versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18
  • FortiProxy: Versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7
• Fixes: The issue has been fixed in the latest versions of each affected product.

CVE-2023-46720: Stack-Based Buffer Overflow

Overview: CVE-2023-46720 is a stack-based buffer overflow vulnerability in FortiOS that allows attackers to execute unauthorized code or commands via specially crafted CLI commands. This vulnerability could be exploited to gain control over the affected systems.

• Exploitation: Attackers exploit this vulnerability by sending specially crafted CLI commands to the FortiOS system, which mishandles the input and allows the execution of arbitrary code with elevated privileges.
• Affected Versions: FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.7, 7.0.0 through 7.0.12, 6.4.6 through 6.4.15, 6.2.9 through 6.2.16, and 6.0.13 through 6.0.18.
• Fixes: The issue has been resolved in FortiOS versions 7.4.2, 7.2.8, 7.0.13, 6.4.16, 6.2.17, and 6.0.19.

CVE-2024-3661: DHCP Route Injection Vulnerability

Overview: CVE-2024-3661 is a DHCP-based vulnerability that can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify network traffic that was expected to be protected by the VPN.

• Exploitation: This vulnerability is exploited by using DHCP option 121 to add routes to a client’s routing table, bypassing VPN protections and leaking traffic over the physical interface.
• Affected Versions: Various versions of FortiOS that use DHCP option 121 for routing.
• Fixes: This issue is currently under analysis and has not yet been fixed.

Importance of Applying the Patches

Given the critical nature of these vulnerabilities, it is crucial for organizations using Fortinet products to apply the latest patches immediately. Delaying updates can leave systems exposed to potential attacks, leading to data breaches, operational disruptions, and significant financial losses.

Steps to Apply the Patches:

1. Check for Updates: Log in to your Fortinet account and navigate to the support section to check for the latest firmware updates.
2. Backup Configurations: Before applying updates, ensure that you backup your current system configurations to prevent data loss.
3. Install Patches: Follow the provided instructions to download and install the patches on all affected systems.
4. Verify Updates: After installation, verify that the updates have been applied correctly and that the systems are functioning as expected.

Conclusion

Fortinet continues to have new vulnerabilities, month to month. This underscores the importance of regular security updates. By applying these patches promptly, organizations can help protect their systems from potential exploits and ensure the integrity and security of their digital environments. Some organizations may consider looking at alternative solutions as Fortinet continues to struggle with security vulnerabilities and we dont see an end in sight as new issues have been popping up more frequently.

For more detailed information on each vulnerability and the associated patches, visit Fortinet’s official PSIRT advisory page and the National Vulnerability Database. Stay informed with SecurityChris.com for the latest cybersecurity news and updates.