Fortinet FortiOS Critical Vulnerability - 20240311002
Overview
Fortinet has released an advisory for an out-of-bounds write vulnerability in the FortiOS and FortiProxy SSL VPN daemon (sslvpnd) that may allow a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted HTTP requests. Because the vulnerable component is the SSL VPN service itself, devices with SSL VPN exposed to untrusted networks should be prioritised.
What is vulnerable?
Product(s) Affected | Affected version(s) | Severity | CVSS |
---|---|---|---|
FortiOS 7.4 | 7.4.0 through 7.4.2 | Critical | 9.6 |
FortiOS 7.2 | 7.2.0 through 7.2.6 | Critical | 9.6 |
FortiOS 7.0 | 7.0.0 through 7.0.13 | Critical | 9.6 |
FortiOS 6.4 | 6.4.0 through 6.4.14 | Critical | 9.6 |
FortiOS 6.2 | 6.2.0 through 6.2.15 | Critical | 9.6 |
FortiOS 6.0 | 6.0.0 through 6.0.17 | Critical | 9.6 |
FortiProxy 7.4 | 7.4.0 through 7.4.2 | Critical | 9.6 |
FortiProxy 7.2 | 7.2.0 through 7.2.8 | Critical | 9.6 |
FortiProxy 7.0 | 7.0.0 through 7.0.14 | Critical | 9.6 |
FortiProxy 2.0 | 2.0.0 through 2.0.13 | Critical | 9.6 |
FortiProxy 1.2 | 1.2 all versions | Critical | 9.6 |
FortiProxy 1.1 | 1.1 all versions | Critical | 9.6 |
FortiProxy 1.0 | 1.0 all versions | Critical | 9.6 |
Recommendation
The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within the expected timeframe of 48 hours (refer to Patch Management):
Affected product(s) and versions | Recommended Update(s) |
---|---|
FortiOS 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
FortiOS 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
FortiOS 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
FortiOS 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
FortiOS 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
FortiOS 6.0.0 through 6.0.17 | Upgrade to 6.0.18 or above |
FortiProxy 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
FortiProxy 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
FortiProxy 7.0.0 through 7.0.14 | Upgrade to 7.0.15 or above |
FortiProxy 2.0.0 through 2.0.13 | Upgrade to 2.0.14 or above |
FortiProxy 1.2 all versions | Migrate to a fixed release |
FortiProxy 1.1 all versions | Migrate to a fixed release |
FortiProxy 1.0 all versions | Migrate to a fixed release |
- WA SOC recommends using the upgrade path tool provided by Fortinet to plan the recommended upgrade path(s), as intermediate builds may be required between the running version and the fixed release: https://docs.fortinet.com/upgrade-tool/fortigate
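The following is an added example (not part of the original advisory and not a Fortinet tool) that transcribes the two tables above into a small checker. It reads the `Version:` line of `get system status` output and reports whether the device falls in an affected range and, if so, the recommended update. The sample status lines are constructed for illustration, and the mapping of every non-FortiProxy model string (FortiGate, FortiWiFi, ...) to FortiOS is an assumption of this example.

```python
"""Check Fortinet `get system status` output against the affected-version tables above.

Hypothetical helper added to this advisory page (not a Fortinet tool). The affected
ranges and recommended releases are transcribed from the tables on this page; the
`get system status` sample lines are constructed for illustration.
"""
import re
from typing import NamedTuple, Optional, Tuple

Version = Tuple[int, int, int]


class Entry(NamedTuple):
    product: str             # "FortiOS" or "FortiProxy"
    first: Version           # first affected release in the branch (inclusive)
    last: Optional[Version]  # last affected release (inclusive); None = whole branch affected
    action: str              # recommended update from the table above


# Affected ranges and recommended updates, transcribed from the tables on this page.
ADVISORY = [
    Entry("FortiOS", (7, 4, 0), (7, 4, 2), "Upgrade to 7.4.3 or above"),
    Entry("FortiOS", (7, 2, 0), (7, 2, 6), "Upgrade to 7.2.7 or above"),
    Entry("FortiOS", (7, 0, 0), (7, 0, 13), "Upgrade to 7.0.14 or above"),
    Entry("FortiOS", (6, 4, 0), (6, 4, 14), "Upgrade to 6.4.15 or above"),
    Entry("FortiOS", (6, 2, 0), (6, 2, 15), "Upgrade to 6.2.16 or above"),
    Entry("FortiOS", (6, 0, 0), (6, 0, 17), "Upgrade to 6.0.18 or above"),
    Entry("FortiProxy", (7, 4, 0), (7, 4, 2), "Upgrade to 7.4.3 or above"),
    Entry("FortiProxy", (7, 2, 0), (7, 2, 8), "Upgrade to 7.2.9 or above"),
    Entry("FortiProxy", (7, 0, 0), (7, 0, 14), "Upgrade to 7.0.15 or above"),
    Entry("FortiProxy", (2, 0, 0), (2, 0, 13), "Upgrade to 2.0.14 or above"),
    Entry("FortiProxy", (1, 2, 0), None, "Migrate to a fixed release"),
    Entry("FortiProxy", (1, 1, 0), None, "Migrate to a fixed release"),
    Entry("FortiProxy", (1, 0, 0), None, "Migrate to a fixed release"),
]

# Matches the "Version:" line of `get system status`, e.g.
#   Version: FortiGate-100F v7.2.5,build1517,230808 (GA.F)
STATUS_RE = re.compile(r"^Version:\s*(?P<model>\S+)\s+v(?P<ver>\d+\.\d+\.\d+)", re.M)


def parse_version(text: str) -> Version:
    """'7.2.5' -> (7, 2, 5), so tuples compare in release order."""
    major, minor, patch = (int(p) for p in text.split("."))
    return (major, minor, patch)


def parse_status(status_output: str) -> Tuple[str, Version]:
    """Return (product, version) from `get system status` output.

    Assumption (this example's, not Fortinet's): FortiProxy reports a model string
    starting with 'FortiProxy'; every other model (FortiGate, FortiWiFi, ...) runs FortiOS.
    """
    m = STATUS_RE.search(status_output)
    if not m:
        raise ValueError("no 'Version:' line found in status output")
    product = "FortiProxy" if m["model"].startswith("FortiProxy") else "FortiOS"
    return product, parse_version(m["ver"])


def assess(product: str, version: Version) -> Optional[str]:
    """Return the recommended action if (product, version) is affected, else None."""
    for e in ADVISORY:
        if e.product != product or version[:2] != e.first[:2]:
            continue  # different product or a different release branch
        if e.last is None or e.first <= version <= e.last:
            return e.action
        return None  # same branch, but already at or past the fixed release
    return None  # branch not listed in the advisory tables


def assess_status(status_output: str) -> Optional[str]:
    """Convenience wrapper: raw `get system status` text -> action or None."""
    return assess(*parse_status(status_output))


if __name__ == "__main__":
    # Constructed sample `get system status` lines (not real devices).
    samples = [
        "Version: FortiGate-100F v7.2.5,build1517,230808 (GA.F)",
        "Version: FortiGate-60F v7.4.3,build2573,240201 (GA.F)",
        "Version: FortiProxy-VM64 v1.2.13,build0287,200922 (GA)",
    ]
    for s in samples:
        product, ver = parse_status(s)
        print(f"{product} {'.'.join(map(str, ver))}: {assess(product, ver) or 'not in affected list'}")
```

A version in a branch the tables do not list (for example a branch newer than 7.4) is reported as "not in affected list" rather than "fixed", so the output should be read against the vendor advisory rather than treated as proof of safety; the check is meant for triaging an inventory of `get system status` captures, not as a substitute for the upgrade itself.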