Fortinet Discloses Vulnerabilities In FortiOS, FortiProxy, FortiClient Linux And Mac

The disclosure includes one ‘critical’ vulnerability and several ‘high’ severity flaws.

Fortinet disclosed new vulnerabilities Tuesday affecting FortiOS, FortiProxy, FortiClient Linux and FortiClientMac, including one “critical” vulnerability.

The critical-severity vulnerability impacts FortiClient Linux and could be exploited to enable remote code execution, the cybersecurity vendor said.

[Related: Fortinet’s Converged Networking, Security OS Now Infused With GenAI, Data Protection]

The remaining vulnerabilities, which were awarded severity ratings of “high,” affect FortiOS, FortiProxy and FortiClientMac.

None of the vulnerabilities are known to have been exploited, Fortinet said in a statement provided to CRN.

The company added that it has “proactively communicated to customers” about the vulnerabilities and provided mitigation guidance along with recommendations on next steps.

The disclosure prompted the U.S. Cybersecurity and Infrastructure Security Agency (CISA) to release an advisory warning Tuesday, saying that a “cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.”

The “critical” remote code execution vulnerability impacting FortiClientLinux (tracked at CVE-2023-45590) was awarded a severity score of 9.4 out of 10.0, according to Fortinet.

The code injection flaw could potentially “allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website,” the company said in an advisory Tuesday. The vulnerability affects FortiClientLinux 7.2.0 and numerous versions of FortiClientLinux 7.0.

As a result of the high-severity vulnerability affecting FortiOS and FortiProxy, credentials are insufficiently protected against theft in numerous versions of the systems, Fortinet said.

The flaw (tracked at CVE-2023-41677) “may allow an attacker to obtain the administrator cookie in rare and specific conditions, via tricking the administrator into visiting a malicious attacker-controlled website through the SSL-VPN,” the company said.

Additionally, a pair of high-severity vulnerabilities (tracked at CVE-2023-45588 and CVE-2024-31492) include a “lack of configuration file validation” in FortiClientMac, Fortinet said.