Fortinet Addresses Critical Vulnerability In FortiClientLinux

FortiOS, FortiProxy, FortiClientMac and FortiSandbox also patched

clock • 3 min read
Fortinet Addresses Critical Vulnerability In FortiClientLinux

Fortinet has patched a critical remote code execution (RCE) vulnerability in FortiClientLinux, among multiple vulnerabilities across various products.

On Tuesday, Fortinet announced the release of patches for several security bugs affecting FortiOS, FortiProxy, FortiClientMac, FortiSandbox, and most notably, FortiClientLinux.

The critical RCE flaw, identified as CVE-2023-45590 with a CVSS score of 9.4, is a code injection issue.

"An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website," Fortinet said in an advisory.

The vulnerability, attributed to a "dangerous nodejs configuration," affects FortiClientLinux versions 7.2.0, 7.0.6 through 7.0.10, and 7.0.3 through 7.0.4. Fortinet addressed the flaw with the release of FortiClientLinux versions 7.2.1 and 7.0.11.

Users are urged to apply patches promptly to mitigate the risk associated with this vulnerability.

In addition to CVE-2023-45590, the cybersecurity company also disclosed the following high-severity bugs affecting FortiOS, FortiProxy and FortiClientMac:

·        FortiOS and FortiProxy vulnerability: According to Fortinet, a high-severity vulnerability, indexed as CVE-2023-41677, results from insufficient protection of credentials in multiple versions of FortiOS and FortiProxy. The company warned that attackers could exploit this bug by convincing an administrator to visit a malicious website via SSL-VPN, potentially allowing them to execute arbitrary code.

·        FortiClientMac vulnerabilities: Two vulnerabilities, CVE-2023-45588 and CVE-2024-31492, have been identified that could enable a local attacker to execute arbitrary code. This could be achieved by placing malicious configuration files in the temporary directory prior to initiating the FortiClientMac installation process.

           "An external control of file name or path vulnerability [CWE-73] in FortiClientMac's installer may allow a local attacker to execute arbitrary code or commands via writing a malicious configuration file in /tmp before starting the installation process," the advisory by Fortinet states.

·        FortiSandbox: Fortinet has also released patches for the following three high-severity vulnerabilities:

                   CVE-2024-23671: Could lead to arbitrary file deletion.

                   CVE-2024-21755 and CVE-2024-21756: Could result in arbitrary command execution.

There is no current evidence of these flaws being exploited in attacks, according to Fortinet.

However, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) has issued a warning, stating that a threat actor could exploit these vulnerabilities to seize control of an affected system.

Fortinet vulnerabilities have been a frequent target for cyber attackers, with more than a dozen vulnerabilities in Fortinet products currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog, including two added in 2024.

Last month, security nonprofit Shadowserver warned that over 133,000 Fortinet appliances were susceptible to a critical CVE-2024-21762 vulnerability, despite it being patched by Fortinet in early February.

With a severity score of 9.6 out of 10, this out-of-bounds write flaw affects the SSL VPN component, potentially enabling attackers to run code or commands through specially crafted HTTP requests.

Last month, Fortinet disclosed another critical-severity vulnerability, CVE-2023-48788, affecting FortiClient Endpoint Management Server (EMS). Experts warned of the likelihood of attackers exploiting this bug, given the availability of proof of concepts and historical targeting of Fortinet devices by threat actors.

In February, Fortinet patched two bugs tracked under the identifiers CVE-2024-23108 and CVE-2024-23109, threatening the security posture of organizations relying on FortiSIEM.

This article originally appeared on our sister site Computing


You may also like
Google Eyes HubSpot Acquisition To Challenge Microsoft

Cloud Computing

Microsoft's Dynamics products dominate the modern CRM sector

clock 05-28-2024 • 3 min read
5 AI Policy Templates You Can Use As A Framework

Artificial Intelligence

AI is something that many businesses are still working through. There are guidance and tools to help to create a framework for any business.

clock 05-24-2024 • 2 min read
Access Point: Weekly News Roundup For IT Executives – May 24, 2024


Access Point is a weekly roundup of major tech news for IT executives on the go. This edition covers May 20-May 24.

clock 05-24-2024 • 2 min read

More on Security

How Semperis Is Helping Detect 'Low And Slow' Cyberattacks And Why It's Targeting The Midmarket

How Semperis Is Helping Detect 'Low And Slow' Cyberattacks And Why It's Targeting The Midmarket

Semperis' VP of products, Darren Mar-Elia, breaks down how ML helps with identity-based security and why the new offering is a fit for midmarket organizations' cyber resilience strategies

Samara Lynn
clock 05-23-2024 • 7 min read
Microsoft Build 2024: CEO Nadella Declares 'A Golden Age Of Systems'

Microsoft Build 2024: CEO Nadella Declares 'A Golden Age Of Systems'

'I still remember distinctly the first time Win32 was discussed … .Net, Azure. These are moments that I’ve marked my life with. And it just feels like we’re, yet again, at a moment like that,' Microsoft CEO Satya Nadella said in his keynote at Build 2024....

Wade Tyler Millward
clock 05-22-2024 • 9 min read
Strata Announces 'Always-On' Identity Continuity

Strata Announces 'Always-On' Identity Continuity

Identity access and management continues to evolve

Samara Lynn
clock 05-21-2024 • 2 min read