
Fortinet fixes bug letting unauthenticated hackers run code as root
2021-07-20 10:47

Fortinet has released updates for its FortiManager and FortiAnalyzer network management solutions to fix a serious vulnerability that could be exploited to execute arbitrary code with the highest privileges.

Both FortiManager and FortiAnalyzer are enterprise-grade network management solutions for environments with up to 100,000 devices.

They are available as a physical appliance, as a virtual machine, in the cloud, or hosted by Fortinet.

Fortinet has published a security advisory for the issue, which is tracked as CVE-2021-32589, describing it as a use-after-free vulnerability in the fgfmsd daemon of FortiManager and FortiAnalyzer.

Fortinet says that sending a specially crafted request to the "FGFM" port of a target device "May allow a remote, non-authenticated attacker to execute unauthorized code as root."

Credited with finding and responsibly reporting the vulnerability to Fortinet is Cyrille Chatras, a reverse engineer and pentester from Orange group who previously discovered and reported bugs in products from Nokia, Juniper, Red Hat, and in open-source Android [1, 2, 3, 4]. CISA has also published an advisory encouraging users and administrators to review the vulnerability information from Fortinet and apply the updates.


News URL

https://www.bleepingcomputer.com/news/security/fortinet-fixes-bug-letting-unauthenticated-hackers-run-code-as-root/

Related Vulnerability

DATE        CVE             VULNERABILITY TITLE                                                                 RISK
2024-12-19  CVE-2021-32589  Unspecified vulnerability in Fortinet Fortianalyzer, Fortimanager and Fortiportal   critical

Description: A Use After Free (CWE-416) vulnerability in FortiManager version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.2.10 and below, version 5.0.12 and below and FortiAnalyzer version 7.0.0, version 6.4.5 and below, version 6.2.7 and below, version 6.0.10 and below, version 5.6.10 and below, version 5.4.7 and below, version 5.3.11, version 5.2.10 to 5.2.4 fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device.

Attack vector:     network
Attack complexity: low
Vendor:            fortinet
Severity:          critical
Score:             9.8

Related vendor

VENDOR    LAST 12M  #/PRODUCTS  LOW  MEDIUM  HIGH  CRITICAL  TOTAL VULNS
Fortinet  80        20          348  308     92    768