This vulnerability was discovered by Fortinet's CSE team and affects FortiProxy versions 7.0.x and 7.2.x, and FortiOS versions 6.2.x, 6.4.x, 7.0.x, and 7.2.x. To address this issue, Fortinet has released FortiProxy versions 7.0.11 and 7.2.5, and FortiOS versions 6.2.15, 6.4.13, 7.0.12, 7.2.5, and 7.4.0.
Alongside this, Fortinet also issued patches for a serious vulnerability in its web application firewall and API protection solution, FortiWeb. This flaw, identified as CVE-2023-34984 with a CVSS score of 7.1, could enable an attacker to bypass existing XSS and cross-site request forgery (CSRF) protections. The bug impacts FortiWeb versions 6.3, 6.4, 7.0.x, and 7.2.x. To address this, Fortinet released FortiWeb versions 7.0.7 and 7.2.2.
Fortinet is urging its users to update their firewalls and switches as soon as possible to mitigate these vulnerabilities. While the company has not reported any of these vulnerabilities being actively exploited, it is known that flaws in Fortinet appliances have previously been used to gain access to enterprise networks.
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning that exploitation of these bugs could result in full system compromise. CISA advises administrators to review Fortinet’s advisories and apply the necessary updates. As CISA notes, “A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system.”