Fortinet Discloses Two ‘Critical’ Vulnerabilities, Three High-Severity Flaws

The five newly disclosed vulnerabilities prompted CISA to release an advisory warning Tuesday.

Fortinet disclosed five new vulnerabilities with severity ratings of “critical” or “high” Tuesday, prompting the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release an advisory warning.

The flaws impact Fortinet products including FortiClient EMS (Enterprise Management Server) and FortiManager as well as FortiOS and FortiProxy.

[Related: ‘Critical’ Fortinet FortiOS Vulnerability Seeing Exploitation: CISA]

“A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system,” CISA wrote in its advisory about the newly disclosed Fortinet vulnerabilities Tuesday.

Fortinet did not specify whether any of the vulnerabilities are known to have been exploited in attacks so far.

CRN has reached out to Fortinet for comment.

The two “critical” vulnerabilities have each been assigned a severity score of 9.3 out of 10.0, according to Fortinet.

A critical-severity FortiClientEMS vulnerability (tracked as CVE-2023-48788) could enable “a remote and unauthenticated attacker to execute arbitrary commands on the admin workstation via creating malicious log entries with crafted requests to the server,” Fortinet said in its disclosure.

The other “critical” vulnerability impacts the FortiOS and FortiProxy captive portal and combines two issues, an out-of-bounds write flaw and a buffer overflow vulnerability, according to the company. Together, the flaws (tracked as CVE-2023-42789 and CVE-2023-42790) could enable “an inside attacker who has access to captive portal to execute arbitrary code or commands via specially crafted HTTP requests,” the company said.

For the “high” severity vulnerabilities, Fortinet said they impact FortiClientEMS (CVE-2023-47534), FortiManager (CVE-2023-36554) and FortiOS and FortiProxy SSLVPN (CVE-2024-23112).