Fortinet Patches 40 Vulnerabilities Affecting a Variety of Products, 2 Critical RCE Vulnerabilities

February 19, 2023

Fortinet Patches 40 Vulnerabilities Affecting a Variety of Products, 2 Critical RCE Vulnerabilities

Fortinet patched 40 vulnerabilities in various products, 2 of which had a Critical-Severity level.

Successful exploitation of the critical vulnerabilities allows unauthenticated remote attacker to perform arbitrary write (RCE) on the affected system.

The Critical Vulnerabilities

  • CVE-2022-39952 (CVSS 3.1: 9.8, Critical)  – An external control of file name or path vulnerability in FortiNAC webserver, may allow an unauthenticated attacker to perform arbitrary write on the system.
  • CVE-2021-42756 (CVSS 3.1: 9.3, Critical))  – Multiple stack-based buffer overflow vulnerabilities in FortiWeb’s proxy daemon, may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.

Affected Products

  • FortiWeb (Critical)
  • FortiNAC (Critical)
  • FortiOS (High-Severity)
  • FortiProxy (High-Severity)
  • FortiAnalyzer (Medium-Severity)
  • FortiADC (High-Severity)
  • FortiSandbox (Medium-Severity)
  • FortiPortal (Medium-Severity)
  • FortiWAN (High-Severity)
  • FortiAuthenticator (Medium-Severity)
  • FortiSwitch (Medium-Severity)
  • FortiExtender (High-Severity)
  • FortiSwitchManager (High-Severity)

The specific vulnerable versions can be seen in Forti Advisory.

Mitigation

CYREBRO strongly recommends all Forti customers to update to the patched versions of the affected products.

References: FortiGuard PSIRT Advisories

Sign Up for Updates