
Fortinet's security appliances hit by remote code execution vulnerability
2021-07-20 14:30

Security appliance slinger Fortinet has warned of a critical vulnerability in its FortiManager and FortiAnalyzer products which can be exploited by unauthenticated attackers to take full control of the target system - providing the fgfmsd daemon is enabled and reachable.

The vulnerability, discovered by Orange Group security researcher Cyrille Chatras and reported privately to Fortinet under responsible disclosure, lies in FortiManager and FortiAnalyzer, the centralised management and logging products that sit alongside the company's FortiGate security appliance family, rather than in the FortiGate firewalls themselves.

"A Use After Free vulnerability in [the] FortiManager and FortiAnalyzer fgfmsd daemon may allow a remote, non-authenticated attacker to execute unauthorised code as root via sending a specifically crafted request to the fgfm port of the targeted device," the company confirmed in a statement.
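The practical question for defenders is whether the fgfm listener is reachable at all from untrusted networks, since the flaw needs no credentials. The following script is an added example, not Fortinet's code nor anything from the article: it checks whether a TCP listener on the FGFM port answers on a set of management hosts. The port number (541/tcp, the default FGFM port) is an assumption not stated in the article, and the host names in the demonstration are constructed; the local listener helper exists only so the checker can be exercised offline.

```python
"""Survey management hosts for a reachable fgfm (FGFM) TCP listener.

Added example, not Fortinet code. Assumes the default FGFM port 541/tcp,
which the article does not state; override with --port style arguments
if your deployment differs.
"""
import socket
from typing import Dict, Iterable, List

FGFM_PORT = 541  # assumed default fgfm listener port (not from the article)


def fgfm_port_open(host: str, port: int = FGFM_PORT, timeout: float = 2.0) -> bool:
    """Return True if a TCP handshake to host:port completes within timeout.

    A completed handshake means something is listening; it does not prove
    the listener is fgfmsd, so treat a True result as a lead to verify on
    the device, not as a confirmed vulnerable service.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        # Covers refused connections, timeouts and DNS failures alike.
        return False


def survey(hosts: Iterable[str], port: int = FGFM_PORT, timeout: float = 2.0) -> Dict[str, bool]:
    """Map each host to whether its fgfm port accepted a connection."""
    return {host: fgfm_port_open(host, port, timeout) for host in hosts}


def exposed(results: Dict[str, bool]) -> List[str]:
    """Sorted list of hosts whose fgfm port was reachable."""
    return sorted(host for host, is_open in results.items() if is_open)


def local_listener() -> socket.socket:
    """Bind a throwaway listener on 127.0.0.1 with an ephemeral port.

    It never calls accept(); the kernel completes the TCP handshake on its
    own, which is enough for fgfm_port_open() to report it as open. Used
    only so the checker can be demonstrated without touching real devices.
    """
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    return srv


if __name__ == "__main__":
    # Constructed demonstration: one live local listener standing in for a
    # management host with fgfm enabled, and one closed port standing in for
    # a host where the daemon is disabled.
    srv = local_listener()
    live_port = srv.getsockname()[1]
    print("reachable on local stand-in:", fgfm_port_open("127.0.0.1", live_port))
    srv.close()
    print("reachable after listener closed:", fgfm_port_open("127.0.0.1", live_port))

    # Real use: pass your FortiManager / FortiAnalyzer addresses here.
    hosts = ["fortimanager.example.internal", "fortianalyzer.example.internal"]  # constructed
    print("exposed fgfm hosts:", exposed(survey(hosts)))
```

Run it from a network segment that should not be able to reach the management plane (for example a user VLAN or the internet edge); any host listed as exposed is one where the fgfm port should be restricted to the FortiGate devices it manages until the patch is applied.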

"Memory related vulnerabilities are a common problem which can often have severe impact, such as is the case here," application security expert Sean Wright told The Register.

The vulnerability is the biggest to hit Fortinet products since October last year, when the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) warned that flaws in the FortiOS SSL VPN had been used to gain access to supposedly private networks in "multiple cases."

More information is available in the FortiGuard Labs security bulletin.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/07/20/fortinet_rce/