Active Exploitation of Unpatched Vulnerabilities in Fortinet Products
24 July 2023
There are reports that unpatched vulnerabilities in Fortinet's products are being actively exploited. Successful exploitation may lead to ransomware incidents or data exfiltration. Users and administrators are advised to patch their devices and software as soon as updates are released and regularly change their admin credentials.
The vulnerabilities known to be actively exploited are:
Vulnerabilities
| CVE | Product | Affected Products | Description | CVSSv3 Score |
|---|---|---|---|---|
| CVE-2023-27997 | FortiOS and FortiProxy SSL-VPN | · FortiOS-6K7K version 7.0.10 | Fortinet FortiOS and FortiProxy SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute code or commands via specifically crafted requests. | 9.8 |
| CVE-2020-12812 | FortiOS | · FortiOS version 7.2.0 through 7.2.3 | Fortinet FortiOS SSL VPN contains an improper authentication vulnerability that may allow a user to log in successfully without being prompted for the second factor of authentication (FortiToken) if they change the case in their username. | 9.8 |
| CVE-2022-40684 | Fortinet FortiOS, FortiProxy, and FortiSwitchManager | · FortiOS versions 5.x, 6.x are NOT impacted. | Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. | 9.6 |
| CVE-2022-42475 | FortiOS | · FortiOS version 7.2.0 through 7.2.2 | Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests. | 9.3 |
| CVE-2018-13382 | FortiOS and FortiProxy | · FortiOS 6.0.0 to 6.0.4 | An Improper Authorisation vulnerability in Fortinet FortiOS and FortiProxy under the SSL VPN web portal allows an unauthenticated attacker to modify the password. | 9.1 |
| CVE-2018-13379 | FortiOS | · FortiOS 6.0 - 6.0.0 to 6.0.4 | Fortinet FortiOS SSL VPN web portal contains a path traversal vulnerability that may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests. | 9.1 |
| CVE-2018-13374 | FortiOS and FortiADC | · FortiOS 6.0.2 and below | Fortinet FortiOS and FortiADC contain an improper access control vulnerability which allows attackers to obtain the LDAP server login credentials configured in FortiGate by pointing an LDAP server connectivity test request to a rogue LDAP server. | 8.8 |
| CVE-2022-41328 | FortiOS | · FortiOS version 7.2.0 through 7.2.3 | Fortinet FortiOS contains a path traversal vulnerability that may allow a local privileged attacker to read and write files via crafted CLI commands. | 6.7 |
| CVE-2019-5591 | FortiOS | · FortiOS 6.2.0 and below. | Fortinet FortiOS contains a default configuration vulnerability that may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the Lightweight Directory Access Protocol (LDAP) server. | 6.5 |
| CVE-2018-13383 | FortiOS and FortiProxy | · FortiOS 6.0.0 to 6.0.4 | A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service to terminate for logged-in users. | 4.3 |
| CVE-2021-44168 | FortiOS | · FortiOS versions 6.0.13 and below, | Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files. | 3.3 |
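As an added example (not part of the advisory), the following Python turns the FortiOS version expressions from the table above into inclusive ranges and reports which listed CVEs cover a given installed version, so an administrator can triage a device quickly. It uses only the single affected-version entry the table shows per CVE, so it is a triage aid rather than an exhaustive affected-version list; CVE-2023-27997 (a FortiOS-6K7K build) and CVE-2022-40684 (no affected FortiOS version given in the table) are left out.

```python
import re
from typing import List, Optional, Tuple

Version = Tuple[int, ...]

# Affected-version text copied from the advisory table, one entry per CVE as
# listed there. Constructed for this example; NOT an exhaustive affected list.
ADVISORY_ROWS = [
    ("CVE-2020-12812", "FortiOS version 7.2.0 through 7.2.3"),
    ("CVE-2022-42475", "FortiOS version 7.2.0 through 7.2.2"),
    ("CVE-2018-13382", "FortiOS 6.0.0 to 6.0.4"),
    ("CVE-2018-13379", "FortiOS 6.0 - 6.0.0 to 6.0.4"),
    ("CVE-2018-13374", "FortiOS 6.0.2 and below"),
    ("CVE-2022-41328", "FortiOS version 7.2.0 through 7.2.3"),
    ("CVE-2019-5591", "FortiOS 6.2.0 and below."),
    ("CVE-2018-13383", "FortiOS 6.0.0 to 6.0.4"),
    ("CVE-2021-44168", "FortiOS versions 6.0.13 and below,"),
]

_VER_RE = re.compile(r"\d+(?:\.\d+)+")


def parse_version(text: str) -> Version:
    """'7.2.3' -> (7, 2, 3); shorter strings such as '6.0' are zero-padded."""
    parts = tuple(int(p) for p in text.split("."))
    return parts + (0,) * (3 - len(parts))


def parse_range(expr: str) -> Optional[Tuple[Version, Version]]:
    """Map the advisory's phrasing ('X through Y', 'X to Y', 'X and below',
    or a single version) to an inclusive (low, high) pair."""
    versions = [parse_version(v) for v in _VER_RE.findall(expr)]
    if not versions:
        return None
    if "and below" in expr:
        return (0, 0, 0), versions[-1]
    if " through " in expr or " to " in expr:
        return versions[-2], versions[-1]   # the last two numbers bound the range
    return versions[-1], versions[-1]        # a single exact version


def matching_cves(installed: str, rows=ADVISORY_ROWS) -> List[str]:
    """CVEs from the advisory whose listed range covers the installed version."""
    v = parse_version(installed)
    hits = []
    for cve, expr in rows:
        rng = parse_range(expr)
        if rng and rng[0] <= v <= rng[1]:
            hits.append(cve)
    return hits
```

A device that reports as affected here still needs the vendor's full advisory checked, since the table above lists only one version entry per CVE.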
More information is available here:
https://www.cisa.gov/known-exploited-vulnerabilities-catalog