Fortinet 又出現漏洞
Fortinet addressed a critical buffer underwrite (‘buffer underflow’) vulnerability, tracked as CVE-2023-25610 (CVSS v3 9.3), that resides in the administrative interface in FortiOS and FortiProxy. A remote, unauthenticated attacker can exploit the vulnerability to execute arbitrary code on the vulnerable device and trigger a DoS condition on the GUI, by sending specifically crafted requests.
有問題的版本
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.9
- FortiOS version 6.4.0 through 6.4.11
- FortiOS version 6.2.0 through 6.2.12
- FortiOS 6.0, all versions
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.8
- FortiProxy version 2.0.0 through 2.0.11
- FortiProxy 1.2, all versions
- FortiProxy 1.1, all versions
建議更新
- FortiOS version 7.4.0 or above
- FortiOS version 7.2.4 or above
- FortiOS version 7.0.10 or above
- FortiOS version 6.4.12 or above
- FortiOS version 6.2.13 or above
- FortiProxy version 7.2.3 or above
- FortiProxy version 7.0.9 or above
- FortiProxy version 2.0.12 or above
- FortiOS-6K7K version 7.0.10 or above
- FortiOS-6K7K version 6.4.12 or above
- FortiOS-6K7K version 6.2.13 or above
如果暫時還沒安排更新計畫,可以先把管理介面鎖定IP或是WAN端口管理介面關閉https http 來緩解一下,建議還是安排更新。
PS: 因為此堆疊區漏洞是存在於 httpsd 的程序,所以無法經由 trust-host 來避免,必須使用 local-in policy 來限制。
參考
A critical flaw affects Fortinet FortiOS and FortiProxy, patch it now!
本篇瀏覽人數: 2554
