Published: February 12, 2024
Overview
Fortinet released security updates to address critical remote code execution vulnerabilities in FortiOS (CVE-2024-21762, CVE-2024-23313).
Impact
It is possible for a threat actor to take control of an affected system by exploiting these vulnerabilities.
It may be possible to exploit a vulnerability in the FortiOS fgfmd daemon using externally controlled format strings.
The vulnerability described in CVE-2024-23113 could allow a remote, unauthenticated attacker to execute arbitrary code and commands.
The vulnerability in FortiOS referred to in CVE-2024-21762 allows an unauthenticated remote attacker to run arbitrary code through specially crafted HTTP requests.
Applicable Versions for CVE-2024-21762
| Affected Version | Updated Version |
|---|---|
| 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
| 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
| 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
Applicable Versions for CVE-2024-23113
| Affected Version | Updated Version |
|---|---|
| 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
| 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
| FortiPAM 1.2.0 | Upgrade to 1.2.1 or above |
| FortiPAM 1.1.0 through 1.1.2 | Upgrade to 1.1.3 or above |
| FortiPAM 1.0 | Migrate to a fixed release. |
| FortiProxy 7.0.0 through 7.0.14 | Upgrade to 7.0.16 or above |
| FortiProxy 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
| FortiProxy 7.0 | Upgrade to 7.0.16 or above |
| FortiSwitchManager 7.2.0 through 7.2.3 | Upgrade to 7.2.4 or above |
| FortiSwitchManager 7.0.0 through 7.0.3 | Upgrade to 7.0.4 or above |
Mitigations and Workarounds
Upgrade to recommended version of the product as shown in the above table. The work arounds to address vulnerability CVE-2024-23113 to remove the fgfm access for each interface and disable SSL VPN to address CVE-2024-21762.
Best Practices
Run vulnerability scans regularly to identify the vulnerabilities. Upgrade the product to stable and secure version.
Netsurion Detection and Response
Netsurion researchers are continuously monitoring the exploits of this vulnerability. Netsurion’s vulnerability management system is working with the vendors to update the vulnerability scanners to detect for customers who have subscribed to Netsurion Vulnerability Management.
References:
- https://www.fortiguard.com/psirt/FG-IR-24-015
- https://www.fortiguard.com/psirt/FG-IR-24-029
- https://www.cisa.gov/news-events/alerts/2024/02/09/fortinet-releases-security-advisories-fortios
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23113
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21762