Fortinet Critical RCE Flaws Lets Attackers Execute Arbitrary Code

In Cybersecurity News - Original News Source is by Blog Writer

Post Sharing

FortiNAC and FortiWeb, two products that are designed to protect your network from viruses and hackers, were recently updated with new security patches by Fortinet.

These updates address two vulnerabilities that are marked as critical, which, if exploited, could enable unauthorized attackers to execute arbitrary code or commands without authentication.

FortiNAC is affected by the first vulnerability that has been identified as CVE-2022-39952 and marked as “Critical” with a CVSS score of 9.8.

The FortiNAC solution is designed to help organizations gain more control over network access by offering:-

  • Real-time network visibility
  • Enforce security policies
  • Detect and mitigate threats

FortiNAC’s web server has been found to contain a vulnerability, identified as CWE-73. By manipulating the file name or path of a file, the attacker can perform arbitrary system writes in order to gain control over the system.

FortiWeb is vulnerable to the second vulnerability that has been tracked as CVE-2021-42756 and has been marked as “Critical” with a CVSS score of 9.3. The FortiWeb web application firewall (WAF) is a web application security solution that’s designed to protect the:- 

  • Web apps
  • API from cross-site scripting (XSS)
  • SQL injection
  • Bot attacks
  • DDoS

FortiWeb’s proxy daemon has been discovered to contain several stack-based buffer overflow vulnerabilities, identified as CWE-121. 

Exploiting these vulnerabilities requires no authentication, and can allow a remote attacker to achieve arbitrary code execution through HTTP requests that are specially crafted.

Affected Products

Here below we have mentioned all the products that are affected:-

  • FortiNAC version 9.4.0
  • FortiNAC version 9.2.0 through 9.2.5
  • FortiNAC version 9.1.0 through 9.1.7
  • FortiNAC 8.8 all versions
  • FortiNAC 8.7 all versions
  • FortiNAC 8.6 all versions
  • FortiNAC 8.5 all versions
  • FortiNAC 8.3 all versions
  • FortiWeb versions 5.x all versions
  • FortiWeb versions 6.0.7 and below
  • FortiWeb versions 6.1.2 and below
  • FortiWeb versions 6.2.6 and below
  • FortiWeb versions 6.3.16 and below
  • FortiWeb versions 6.4 all versions

The vulnerability identified as CVE-2022-39952 has been addressed in FortiNAC versions:- 

  • 9.4.1 and above
  • 9.2.6 and above
  • 9.1.8 and above
  • 7.2.0 and above

In order to resolve this flaw, administrators should update their FortiWeb version to the following version:

  • 7.0.0 or above
  • 6.3.17 or above
  • 6.2.7 or above
  • 6.1.3 or above
  • 6.0.8 or above

It is noteworthy that the CVE ID associated with the vulnerability suggests that it was discovered in 2021, yet it was not publicly disclosed until recently.

No mitigation advice or workarounds have been provided by the vendor for either of the identified vulnerabilities. Therefore, the only effective way to address the associated risks is by applying the available security updates.

Network Security Checklist – Download Free E-Book