Fortinet has recently addressed a critical security vulnerability impacting FortiClientLinux, mitigating the risk of potential arbitrary code execution.Β
This vulnerability, officially designated as CVE-2023-45590, has been assigned a substantial CVSS score of 9.4 out of a maximum of 10.
According to an advisory from Fortinet, an ‘Improper Control of Generation of Code’ vulnerability (CWE-94) in FortiClientLinux could potentially enable an unauthenticated attacker to execute arbitrary code. This could occur through the exploitation of users who unwittingly visit a malicious website, thereby highlighting the severity of the issue.
The presence of a “dangerous nodejs configuration” has led to the identification of a critical flaw in FortiClientLinux, categorized as remote code execution. This vulnerability impacts several versions, including 7.0.3 through 7.0.4 and 7.0.6 through 7.0.10, urging users to upgrade to version 7.0.11 or higher. Additionally, version 7.2.0 is affected, necessitating an upgrade to 7.2.1 or higher. Security researcher CataLpa from Dbappsecurity was instrumental in uncovering and reporting this vulnerability, emphasizing the importance of prompt action to mitigate potential risks.
Fortinet’s April 2024 security updates also address a critical issue concerning FortiClientMac installations. This problem, identified as CVE-2023-45588 and CVE-2024-31492, carries significant risks, with CVSS scores of 7.8. It highlights the potential for code execution, underscoring the importance of applying the provided updates promptly to safeguard systems against potential exploits.
Fortinet has also resolved a security vulnerability affecting FortiOS and FortiProxy. This flaw, identified as CVE-2023-41677, posed a risk of leaking administrator cookies under certain circumstances. With a CVSS score of 7.5, addressing this issue in the latest updates is crucial to prevent potential unauthorized access and ensure the integrity of system operations.
While there have been no reported instances of these vulnerabilities being exploited in real-world scenarios, the importance of proactive security measures cannot be overstated. By promptly applying updates and patches provided by Fortinet, users can fortify their systems against potential risks, ensuring the continued protection of sensitive data and critical infrastructure. Maintaining vigilance and staying abreast of security advisories are essential practices in safeguarding against emerging threats. Let us remain committed to upholding the highest standards of cybersecurity to mitigate risks and preserve the integrity of our digital environments.
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.