Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities. CVE-2022-39952, impacting FortiNAC, has a CVSS v3 score of 9.8 (critical). FortiNAC is a network access control solution that helps organizations gain real-time network visibility, enforce security policies, and detect and mitigate threats. According to Fortinet's security advisory, "An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system." The products impacted by this flaw are: FortiNAC 9.4.1 and later, 9.2.6 and later, 9.1.8 and later, and 7.2.0 and later.
The second vulnerability, CVE-2021-42756, impacting FortiWeb, has a CVSS v3 score of 9.3 (critical). FortiWeb is a web application firewall (WAF) solution designed to protect web apps and API from cross-site scripting (XSS), SQL injection, bot attacks, DDoS (distributed denial of service), and other online threats. According to Fortinet, "Multiple stack-based buffer overflow vulnerabilities [CWE-121] in FortiWeb's proxy daemon may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests." The products impacted by this flaw are: FortiWeb 7.0.0 or later, 6.3.17 or later, 6.2.7 or later, 6.1.3 or later, and 6.0.8 or later. To address the risks, admins should apply the available security updates. As Fortinet's security advisory states, "There are no workarounds or mitigations available."