Fortinet fixes critical FortiNAC remote command execution flaw
Cybersecurity solutions company Fortinet has updated its zero-trust access solution FortiNAC to address a critical-severity vulnerability that attackers could leverage to execute code and commands.
FortiNAC is a zero-trust access solution that allows organizations to manage network-wide access policies, gain visibility of devices and users, and secure the network against unauthorized access and threats.
"A deserialization of untrusted data vulnerability [CWE-502] in FortiNAC may allow an unauthenticated user to execute unauthorized code or commands via specifically crafted requests to the TCP/1050 service" - Fortinet.
Along with the critical RCE, Fortinet also announced today that it fixed a medium-severity vulnerability tracked as CVE-2023-33300, an improper access control issue affecting FortiNAC 9.4.0 through 9.4.3 and FortiNAC 7.2.0 through 7.2.1.
"An improper neutralization of special elements used in a command vulnerability [CWE-77] in FortiNAC TCP/5555 service may allow an unauthenticated attacker to copy local files of the device to other local directories of the device via specially crafted input fields" - Fortinet.
A recent example is CVE-2022-39952, a critical RCE impacting FortiNAC that received a fix in mid-February; hackers started using it in attacks a few days later, after proof-of-concept code was published.
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK
---|---|---|---
2023-02-16 | CVE-2022-39952 | Exposure of Resource to Wrong Sphere vulnerability in Fortinet FortiNAC. An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, and 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via a specifically crafted HTTP request. | 9.8
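The two affected-version lists on this page (CVE-2023-33300 in the article body and CVE-2022-39952 in the table above) are the kind of thing a defender ends up checking against an inventory of FortiNAC appliances. The script below is an added example, not Fortinet's code or part of this article: it encodes exactly those published ranges and compares a dotted version string against them numerically, so that a build such as 9.4.10 is not mistaken for one inside the 9.4.0 through 9.4.3 range the way a plain string comparison would. The critical RCE announced in the article is not included because the page does not state its affected versions.

```python
"""Screen a FortiNAC version string against the affected ranges quoted on this page.

Added example, not vendor code. AFFECTED holds only the ranges stated in the
article and its vulnerability table; anything not listed there is deliberately
omitted rather than guessed.
"""
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# (inclusive low, inclusive high) pairs, copied from the text above.
# A single affected release is written as a range with equal endpoints.
AFFECTED: Dict[str, List[Tuple[str, str]]] = {
    "CVE-2023-33300": [("9.4.0", "9.4.3"), ("7.2.0", "7.2.1")],
    "CVE-2022-39952": [
        ("9.4.0", "9.4.0"), ("9.2.0", "9.2.5"), ("9.1.0", "9.1.7"),
        ("8.8.0", "8.8.11"), ("8.7.0", "8.7.6"), ("8.6.0", "8.6.5"),
        ("8.5.0", "8.5.4"), ("8.3.7", "8.3.7"),
    ],
}


def parse_version(text: str) -> Version:
    """Turn '9.4.2' into (9, 4, 2); shorter strings are padded with zeros.

    Integer tuples compare component by component, which is what makes
    9.4.10 sort above 9.4.3 (a string compare would put it below).
    """
    parts = text.strip().split(".")
    if not 1 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    nums = [int(p) for p in parts] + [0] * (3 - len(parts))
    return nums[0], nums[1], nums[2]


def in_range(version: str, low: str, high: str) -> bool:
    """True when low <= version <= high, compared numerically."""
    return parse_version(low) <= parse_version(version) <= parse_version(high)


def affected_cves(version: str) -> List[str]:
    """Return the CVE ids from AFFECTED whose published ranges cover `version`."""
    hits = [
        cve
        for cve, ranges in AFFECTED.items()
        if any(in_range(version, lo, hi) for lo, hi in ranges)
    ]
    return sorted(hits)


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are made up.
    inventory = {"nac-01": "9.4.0", "nac-02": "9.4.2", "nac-03": "9.4.10", "nac-04": "8.8.11"}
    for host, ver in inventory.items():
        cves = affected_cves(ver)
        print(f"{host} ({ver}): {', '.join(cves) if cves else 'not in any listed range'}")
```

Use the result as a screening aid against the advisory text rather than as a substitute for it: a version outside every listed range only means this page does not list it, and 9.4.0 intentionally matches both CVEs because both ranges include it.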