Fortinet has recently announced its monthly set of security updates, addressing nine vulnerabilities across multiple products. Among these, two high-severity vulnerabilities impacting FortiADC, FortiOS, and FortiProxy have been identified. The most severe issue is tracked as CVE-2023-27999 and affects the FortiADC application delivery controller. Fortinet describes it as an "improper neutralization of special elements used in an OS command vulnerability": an attacker could exploit it by supplying crafted arguments to existing commands, allowing them to execute unauthorized commands. The attacker needs to be authenticated to exploit the vulnerability. The issue impacts FortiADC versions 7.2.0, 7.1.1, and 7.1.0 and has been addressed with the release of FortiADC versions 7.2.1 and 7.1.2.
The second high-severity flaw, CVE-2023-22640, is an out-of-bounds write in the sslvpnd component of FortiOS and FortiProxy. This bug allows an authenticated attacker to send specially crafted requests to achieve arbitrary code execution. The vulnerability was discovered in FortiOS versions 7.2.x, 7.0.x, 6.4.x, 6.2.x, and 6.0.x, and FortiProxy versions 7.2.x, 7.0.x, 2.0.x, and 1.x.x. Fortinet has addressed the issue with the release of FortiOS versions 7.4.0, 7.2.4, 7.0.11, 6.4.12, and 6.2.14, and FortiProxy versions 7.2.2 and 7.0.8.
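As an added example, not from the article or from Fortinet's advisories: a small Python check that encodes the affected and fixed versions stated above and reports whether a given product version is still exposed to either CVE. The helper functions and the status strings are constructed here; the version data is transcribed from the text, and a branch the article lists as affected without a fixed release is treated as needing an upgrade.

```python
# Advisory data transcribed from the article (constructed mapping).
# A branch listed as affected with no fixed release on it (e.g. FortiOS 6.0.x,
# FortiProxy 2.0.x/1.x.x) has no patch mentioned, so it is reported as "upgrade".
ADVISORIES = {
    "CVE-2023-27999": {
        "FortiADC": {"affected": ["7.2.0", "7.1.1", "7.1.0"],
                     "fixed": ["7.2.1", "7.1.2"]},
    },
    "CVE-2023-22640": {
        "FortiOS": {"affected": ["7.2.x", "7.0.x", "6.4.x", "6.2.x", "6.0.x"],
                    "fixed": ["7.4.0", "7.2.4", "7.0.11", "6.4.12", "6.2.14"]},
        "FortiProxy": {"affected": ["7.2.x", "7.0.x", "2.0.x", "1.x.x"],
                       "fixed": ["7.2.2", "7.0.8"]},
    },
}

def parse(version):
    """'7.0.11' -> (7, 0, 11) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))

def matches(version, pattern):
    """True if a concrete version matches an affected entry such as '7.0.x' or '7.1.1'."""
    vp, pp = version.split("."), pattern.split(".")
    return len(vp) == len(pp) and all(p in ("x", v) for v, p in zip(vp, pp))

def fix_for_branch(version, fixed):
    """First fixed release on the same major.minor branch, or None if none is listed."""
    for candidate in fixed:
        if parse(candidate)[:2] == parse(version)[:2]:
            return candidate
    return None

def assess(product, version):
    """Return [(cve, status), ...] for every advisory above that covers this product."""
    results = []
    for cve, products in ADVISORIES.items():
        entry = products.get(product)
        if entry is None:
            continue  # product not covered by this CVE
        if not any(matches(version, a) for a in entry["affected"]):
            results.append((cve, "not in affected range"))
            continue
        fix = fix_for_branch(version, entry["fixed"])
        if fix is None:
            results.append((cve, "affected, no fix on this branch: upgrade"))
        elif parse(version) >= parse(fix):
            results.append((cve, f"patched ({fix} or later)"))
        else:
            results.append((cve, f"vulnerable, upgrade to {fix}"))
    return results
```

Feed it the product name and the version string reported by your inventory or the device itself; a release on an affected branch that is at or above the listed fix is reported as patched.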
In addition to these high-severity vulnerabilities, Fortinet also released patches for medium-severity flaws in FortiNAC and FortiADC. These include hard-coded credentials, improper neutralization of input, path traversal, and weak authentication issues. Multiple low-severity bugs in FortiNAC have also been addressed. More information on the resolved vulnerabilities can be found on Fortinet's PSIRT advisories page.
Fortinet has not reported any instances of these vulnerabilities being exploited in malicious attacks. However, it is known that flaws in unpatched Fortinet products are often exploited. As a result, customers are advised to apply the available security updates as soon as possible.