Table of Contents
  • Home
  • /
  • Blog
  • /
  • Breaking Down the Latest February 2023 Monthly PSIRT Advisory Report From Fortinet
January 3, 2024
|
24m

Breaking Down the Latest February 2023 Monthly PSIRT Advisory Report From Fortinet


Breaking Down The Latest February 2023 Monthly Psirt Advisory Report From Fortinet

Monthly PSIRT Advisories refers to an Advisories Report that Fortinet’s Product Security Incident Response Team (PSIRT) team rolls out every month. The report provides a list of advisories for vulnerabilities resolved in Fortinet products. Considering its importance, we have decided to publish a monthly breakdown of the Fortinet Monthly PSIRT Advisory Report on thesecmaster.com. We are going to cover the February 2023 Monthly PSIRT Advisory Report this time and going forward. You are going to see the same report for upcoming months on this website.

Summary of February 2023 Monthly PSIRT Advisory Report:

Fortinet released the February 2023 Monthly PSIRT Advisory Report early this week. Let’s see the summary of the report:

  • The report listed out in total 40 vulnerabilities, of which 2 are classified as critical, 15 are classified as High, 22 are Medium, and 1 as Low in severity.

  • The two Critical vulnerabilities identified are CVE-2022-39952 and CVE-2021-42756, the first flaw is an External Control of File Name or Path in the keyUpload scriptlet in FortiNAC, and the second flaw is a Stack-based buffer overflow in Proxyd services in FortiWeb products.

  • The products affected by this list of 40 vulnerabilities may include FortiWeb, FortiOS, FortiNAC, FortiProxy, FortiAnalyzer, FortiADC, FortiSandbox, fortiPortal, fortiWAN, ForitAuthenticator, FortiSwitch, FortiExtender, and FortiSwitchManager.

Vulnerabilities by Category:

All 40 vulnerabilities are categorized into 16 different vulnerabilities. Command injection is the most frequently identified vulnerability, appearing 7 times in the February 2023 Monthly PSIRT Advisory Report. Command injection is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server that is running an application and typically fully compromises the application and all its data. Buffer overflow and cryptographic vulnerabilities are the next most frequently identified vulnerability types, appearing 6 times each. Path traversal vulnerabilities appear 5 times, and cross-site scripting (XSS) vulnerabilities appear 4 times. Please see this table which provides information on the number of various vulnerability types identified in the February 2023 Monthly PSIRT Advisory Report.

Vulnerability TypeNumber of Occurence
Command injection7
Buffer overflows 6
Cryptographic Vulnerabilities6
Path traversal vulnerability5
Cross Sight Scripting (XSS)4
Improper password storage 2
Clear-text insertion of device passwords into audit log1
Format string bug in command line interpreter1
Memory corruption 1
Improper access control1
Improper management vulnerability1
Unauthorized configuration download1
XML External Entities (XEE)1
Arbitrary file write vulnerability1
HTTP response splitting vulnerability1
Double free1

Vulnerabilities by Product:

Please refer to this table if you want to know the list of vulnerabilities by the Fortinet products.

Fortinet ProductNumber of Occurrence
FortiWeb19
FortiOS8
FortiNAC8
FortiProxy6
FortiAnalyzer1
FortiADC1
FortiSandbox1
FortiPortal1
FortiWAN1
FortiAuthenticator1
FortiSwitch1
FortiExtender1
FortiSwitchManager1

List of Critical Vulnerabilities February 2023 Monthly PSIRT Advisory Report:

The severity of the identified vulnerabilities is measured in the CVSS score. CVSS is a scale measured from 0 to 10 where 0 is the least severe and 10 is the most severe Vulnerability. All the vulnerabilities are assigned a CVSS number between 0.0 to 10.10 depending on several factors, including the attack vector, the attack complexity, and the impact on confidentiality, integrity, and availability. The vulnerabilities assigned the CVSS score between 0 to 4 are labeled ‘Low’ severity. The vulnerabilities assigned the CVSS score between 4 to 7 are labeled ‘Medium’ severity. Similarly, the vulnerabilities assigned a CVSS score between 7 to 8 are labeled ‘High’ severity, and the CVSS score between 9 to 10 is ‘Critical’ in severity.

The below table lists the vulnerabilities considered Critical in severity.

CVE IDVulnerabilityVulnerable Product/ApplicationSolution
CVE-2022-39952External Control of File Name or Path in keyUpload scriptlet in FortiNACFortiNAC version 9.4.0
FortiNAC version 9.2.0 through 9.2.5
FortiNAC version 9.1.0 through 9.1.7
FortiNAC 8.8 all versions

FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
Please upgrade to FortiNAC version 9.4.1 or above

Please upgrade to FortiNAC version 9.2.6 or above

Please upgrade to FortiNAC version 9.1.8 or above

Please upgrade to FortiNAC version 7.2.0 or above
CVE-2021-42756Stack-based buffer overflows in Proxyd in FortiWebFortiWeb versions 5.x all versions
FortiWeb versions 6.0.7 and below
FortiWeb versions 6.1.2 and below
FortiWeb versions 6.2.6 and below

FortiWeb versions 6.3.16 and below,
FortiWeb version 6.4 all versions
Upgrade to FortiWeb 7.0.0 or above

Upgrade to FortiWeb 6.3.17 or above

Upgrade to FortiWeb 6.2.7 or above

Upgrade to FortiWeb 6.1.3 or above

Upgrade to FortiWeb 6.0.8 or above

Comprehensive List of Vulnerabilities Patched in February 2023 Monthly PSIRT Advisory Report:

We have segregated the list into multiple lists by the Applications. You can refer to the complete list of the official Fortinet security updates here

FortiWeb Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2021-43074Padding oracle in cookie encryption in
FortiOS, FortiWeb, FortiProxy and FortiSwitch
4.1MediumFortiOS versions 7.0.3 and below.
FortiOS versions 6.4.8 and below,
FortiOS 6.2 all versions
FortiOS 6.0 all versions

FortiWeb 6.4 all versions
FortiWeb versions 6.3.16 and below,
FortiWeb 6.2 all versions
FortiWeb 6.1 all versions

FortiWeb 6.0 all versions
FortiProxy versions 7.0.1 and below,
FortiProxy versions 2.0.7 and below,
FortiProxy 1.2 all versions

FortiProxy 1.1 all versionsFortiProxy 1.0 all versions
FortiSwitch versions 7.0.3 and below,
FortiSwitch versions 6.4.10 and below,
FortiSwitch 6.2 all versions

FortiSwitch 6.0 all versions
Upgrade to FortiOS version 7.0.4 or above.

Upgrade to FortiOS version 6.4.9 or above.

Upgrade to FortiWeb version 7.0.0 or above.

Upgrade to FortiWeb version 6.3.17 or above.

Upgrade to FortiProxy version 7.0.2 or above.

Upgrade to FortiProxy version 2.0.8 or above.

Upgrade to FortiSwitch version 7.2.0 or above.

Upgrade to FortiSwitch version 7.0.4 or above.

Upgrade to FortiSwitch version 6.4.11 or above.
CVE-2022-30306Buffer overflow in CA sign function in FortiWeb6.3MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2022-33871Buffer overflow in execute backup-local command in FortiWeb6.3MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2023-23777Command injection in CLI backup functionality in FortiWeb7.2HighFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.18
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.19 or above
CVE-2022-40683Double free in pipe management in FortiWeb7.1High0258FortiWeb version 7.0.0 through 7.0.3Please upgrade to FortiWeb version 7.2.0 or above

Please upgrade to FortiWeb version 7.0.4 or above
CVE-2023-23782Heap based overflow in CLI in FortiWeb7.1HighFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.0 through 6.3.19
FortiWeb 6.4 all versions
FortiWeb 6.2 all versions

FortiWeb 6.1 all versions
FortiWeb 6.0 all versions
Upgrade to FortiWeb 7.0.2 or above,

Upgrade to FortiWeb 6.3.20 or above.
CVE-2023-23779Multiple OS command injection in FortiWeb6.6MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2023-23780Multiple Stack based buffer overflow in web interface in FortiWeb7.6HighFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2022-30303OS command injection in Web GUI in FortiWeb8.6HighFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.0 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2023-23784Path traversal in API controller in FortiWeb5.6MediumFortiWeb version 7.0.0 through 7.0.2
FortiWeb version 6.3.6 through 6.3.20
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.3 or above

Please upgrade to FortiWeb version 6.3.21 or above
CVE-2022-30300Path traversal in API handler in FortiWeb6.2MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.18
FortiWeb 6.4 all versions
Upgrade FortiWeb to version 7.0.2 and above.

Upgrade FortiWeb to version 6.3.19 and above.
CVE-2023-23778Path traversal via browse report CGI component in FortiWeb4.7MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb 6.2 all versions
FortiWeb 6.4 all versions
FortiWeb 6.3 all versions
Please upgrade to FortiWeb version 7.0.2 or above
CVE-2022-30299Relative path traversal in web API FortiWeb5MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.0 through 6.3.19
FortiWeb 6.4 all versions
FortiWeb 6.2 all versions

FortiWeb 6.1 all versions
FortiWeb 6.0 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2023-23781Stack based buffer overflow in SAML management in FortiWeb6.1MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb version 6.3.6 through 6.3.19
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

Please upgrade to FortiWeb version 6.3.20 or above
CVE-2023-25602Stack-based Buffer Overflow in command line interpreter in FortiWeb7.4HighFortiWeb 6.4 all versions.
FortiWeb versions 6.3.17 and earlier.
FortiWeb versions 6.2.6 and earlier.
FortiWeb versions 6.1.2 and earlier.

FortiWeb versions 6.0.7 and earlier.
FortiWeb versions 5.9.1 and earlier.
FortiWeb 5.8 all versions
FortiWeb 5.7 all versions

FortiWeb 5.6 all versions
Please upgrade to FortiWeb version 7.0.0 or above

Please upgrade to FortiWeb version 6.3.18 or above

Please upgrade to FortiWeb version 6.2.7 or above

Please upgrade to FortiWeb version 6.1.3 or above

Please upgrade to FortiWeb version 6.0.8 or above

Please upgrade to FortiWeb version 5.9.2 or above
CVE-2021-42756Stack-based buffer overflows in Proxyd in FortiWeb9.3CriticalFortiWeb versions 5.x all versions,
FortiWeb versions 6.0.7 and below,
FortiWeb versions 6.1.2 and below,
FortiWeb versions 6.2.6 and below,

FortiWeb versions 6.3.16 and below,
FortiWeb versions 6.4 all versions.
Upgrade to FortiWeb 7.0.0 or above,

Upgrade to FortiWeb 6.3.17 or above,

Upgrade to FortiWeb 6.2.7 or above.

Upgrade to FortiWeb 6.1.3 or above.

Upgrade to FortiWeb 6.0.8 or above.
CVE-2023-22636Unauthorized Configuration Download Vulnerability inFortiWeb6.6MediumFortiWeb version 7.0.0 through 7.0.4
FortiWeb version 6.4.0 through 6.4.2
FortiWeb version 6.3.6 through 6.3.21
Please upgrade to FortiWeb version 7.0.5 or above.

Please upgrade to FortiWeb version 7.2.0 or above.
CVE-2021-42761Weak generation of WAF session IDs leads to session fixation in FortiWeb8.5HighFortiWeb 5.6 all versions
FortiWeb 5.7 all versions
FortiWeb 5.8 all versions
FortiWeb versions 5.9.1 and below,

FortiWeb versions 6.0.7 and below,
FortiWeb versions 6.1.2 and below,
FortiWeb versions 6.2.6 and below,
FortiWeb versions 6.3.16 and below,

FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.0 or above

Please upgrade to FortiWeb version 6.3.17 or above

Please upgrade to FortiWeb version 6.2.7 or above

Please upgrade to FortiWeb version 6.1.3 or above

Please upgrade to FortiWeb version 6.0.8 or above

Please upgrade to FortiWeb version 5.9.2 or above
CVE-2023-23783format string vulnerability in the CLI in FortiWeb6.5MediumFortiWeb version 7.0.0 through 7.0.1
FortiWeb 6.4 all versions
Please upgrade to FortiWeb version 7.0.2 or above

FortiOS Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-38378Ability to modify privileges from Custom to Read-Write in FortiOS & FortiProxy4MediumFortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.7
FortiOS 6.4 all versions
FortiOS 6.2 all versions

FortiOS 6.0 all versions
FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy 2.0 all versions

FortiProxy 1.2 all versionsFortiProxy 1.1 all versions
Please upgrade to FortiOS version 7.2.1 or above

Please upgrade to FortiOS version 7.0.8 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above
CVE-2022-39948Lack of certificate verification when establishing secure connections with threat feed fabric connectors in FortiOS & FortiProxy4.4MediumFortiProxy version 7.0.0 through 7.0.6
FortiProxy version 2.0 all versions
FortiProxy version 1.2 all versions
FortiOS version 7.2.0 through 7.2.3

FortiOS version 7.0.0 through 7.0.7
FortiOS version 6.4 all versions
FortiOS version 6.2 all versions
FortiOS version 6.0 all versions
Please upgrade to FortiProxy version 7.2.0 or above

Please
upgrade to FortiProxy version 7.0.7 or above

Please Upgrade to FortiOS version 7.2.4 or above

Please Upgrade to FortiOS version 7.0.8 or above
CVE-2022-42472header injection in proxy login page in FortiOS & FortiProxy4MediumFortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy 1.2 all versions

FortiProxy 1.1 all versions
FortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS 6.4 all versions

FortiOS 6.2 all versions
FortiOS 6.0 all versions
Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above

Please upgrade to FortiProxy version 2.0.11 or above

Please upgrade to FortiOS version 7.2.3 or above

Please upgrade to FortiOS version 7.0.9 or above
CVE-2022-41334XSS vulnerability in the Login page when FortiCloud Sign-in is used in FortiOS8.6HighFortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.7
Please upgrade to FortiOS version 7.2.4 or above

Please upgrade to FortiOS version 7.0.8 or above
CVE-2022-29054Flaws over DHCP and DNS keys encryption scheme in FortiOS / FortiProxy3.1LowFortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.7
FortiOS version 6.4 all versions
FortiOS version 6.2 all versions

FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0 all versions
FortiProxy version 1.2 all versions

FortiProxy version 1.1 all versions
Please upgrade to FortiOS version 7.2.1 or above

Please upgrade to FortiOS version 7.0.8 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above
CVE-2021-43074Padding oracle in cookie encryption in FortiOS, FortiWeb, FortiProxy and FortiSwitch4.1MediumFortiOS versions 7.0.3 and below.
FortiOS versions 6.4.8 and below,
FortiOS 6.2 all versions
FortiOS 6.0 all versions

FortiWeb 6.4 all versions
FortiWeb versions 6.3.16 and below,
FortiWeb 6.2 all versions
FortiWeb 6.1 all versions

FortiWeb 6.0 all versions
FortiProxy versions 7.0.1 and below,
FortiProxy versions 2.0.7 and below,
FortiProxy 1.2 all versions

FortiProxy 1.1 all versions
FortiProxy 1.0 all versions
FortiSwitch versions 7.0.3 and below,
FortiSwitch versions 6.4.10 and below,

FortiSwitch 6.2 all versions
FortiSwitch 6.0 all versions
Upgrade to FortiOS version 7.0.4 or above.

Upgrade to FortiOS version 6.4.9 or above.

Upgrade to FortiWeb version 7.0.0 or above.

Upgrade to FortiWeb version 6.3.17 or above.

Upgrade to FortiProxy version 7.0.2 or above.

Upgrade to FortiProxy version 2.0.8 or above.

Upgrade to FortiSwitch version 7.2.0 or above.

Upgrade to FortiSwitch version 7.0.4 or above.

Upgrade to FortiSwitch version 6.4.11 or above.
CVE-2022-22302Disclosure of private keys corresponding to Apple (APNS) and Google (GCM) certificates in FortiOS, FortiAuthenticator5.3MediumFortiOS version 6.4.0 through 6.4.1
FortiOS version 6.2.0 through 6.2.9
FortiOS version 6.0.0 through 6.0.13
FortiAuthenticator version 6.1.0

FortiAuthenticator version 6.0.0 through 6.0.4
FortiAuthenticator 5.5 all versions
Please upgrade to FortiGate version 6.4.2 or above.

Please upgrade to FortiOS version 6.2.10 or above

Please upgrade to FortiOS version 6.0.14 or above

Please upgrade to FortiAuthenticator version 6.2.0 or above

Please upgrade to FortiAuthenticator version 6.1.1 or above

Please upgrade to FortiAuthenticator version 6.0.5 or above

Workaround in FortiOS:Disable the FTM push service by using the below commands:config system ftm-pushset status disableend
CVE-2022-41335Arbitrary read/write vulnerability in administrative interface in FortiOS, FortiProxy & FortiSwitchManager8.6HighFortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS version 6.4.0 through 6.4.10
FortiOS version 6.2.0 through 6.2.12

FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 1.2 all versions

FortiProxy version 1.1 all versions
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
Please upgrade to FortiOS version 7.2.3 or above

Please upgrade to FortiOS version 7.0.9 or above

Please upgrade to FortiOS version 6.4.11 or above

Please upgrade to FortiOS version 6.2.13 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above

Please upgrade to FortiProxy version 2.0.11 or above

Please upgrade to FortiSwitchManager version 7.2.1 or above

Please upgrade to FortiSwitchManager version 7.0.1 or above

FortiNAC Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-39952External Control of File Name or Path in keyUpload scriptlet in FortiNAC9.8CriticalFortiNAC version 9.4.0
FortiNAC version 9.2.0 through 9.2.5
FortiNAC version 9.1.0 through 9.1.7
FortiNAC 8.8 all versions

FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
Please upgrade to FortiNAC version 9.4.1 or above

Please upgrade to FortiNAC version 9.2.6 or above

Please upgrade to FortiNAC version 9.1.8 or above

Please upgrade to FortiNAC version 7.2.0 or above
CVE-2022-40677Multiple Command Injections in webserver in FortiNAC7.2HighFortiNAC version 9.4.0
FortiNAC version 9.2.0 through 9.2.5
FortiNAC version 9.1.0 through 9.1.7
FortiNAC 8.8, 8.7, 8.6, 8.5, 8.3  all versions
Please upgrade to FortiNAC version 9.4.1 or above

Please upgrade to FortiNAC version 9.2.6 or above

Please upgrade to FortiNAC version 9.1.8 or above

Please upgrade to FortiNAC version 7.2.0 or above
CVE-2023-22638Multiple Stored and Reflected XSS in FortiNAC6.7MediumSeveral improper neutralization of inputs during web page generation vulnerability [CWE-79] in FortiNAC may allow an authenticated attacker to perform several XSS attacks via crafted HTTP GET requests.Please upgrade to FortiNAC-F version 7.2.0 or above,

Please upgrade to FortiNAC version 9.4.2 or above
CVE-2022-39954Multiple XML external entity (XXE) injection in FortiNAC6.9MediumFortiNAC version 9.4.0 through 9.4.1
FortiNAC all versions 9.2, 9.1, 8.8, 8.7, 8.6, 8.5, 8.3
Please upgrade to FortiNAC version 9.4.2 or above

Please upgrade to FortiNAC version 7.2.0 or above
CVE-2022-38376Multiple reflected cross-site scripting vulnerabilities in portal UI in FortiNAC5.8MediumFortiNAC version 9.4.0 through 9.4.1
FortiNAC 9.2 all versionsFortiNAC 9.1 all versions
FortiNAC 8.8 all versions
FortiNAC 8.7 all versionsFortiNAC 8.6 all versions
Please upgrade to FortiNAC version 7.2F or above

Please upgrade to FortiNAC version 9.4.2 or above
CVE-2022-38375Unauthenticated access to administrative operations in FortiNAC8.6HighFortiNAC version 9.4.0 through 9.4.1
FortiNAC version 9.2.0 through 9.2.6
Please upgrade to FortiNAC-F version 7.2.0 or above

Please upgrade to FortiNAC version 9.4.2 or above

Please upgrade to FortiNAC version 9.2.7 or above
CVE-2022-40678Weak password storage in FortiNAC7.4HighFortiNAC version 9.4.0
FortiNAC version 9.2.0 through 9.2.5
FortiNAC version 9.1.0 through 9.1.7
FortiNAC 8.8 all versions

FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
Please upgrade to FortiNAC-F version 7.2.0 or above

Please upgrade to FortiNAC version 9.4.1 or above

Please upgrade to FortiNAC version 9.2.6 or above

Please upgrade to FortiNAC version 9.1.8 or above
CVE-2022-40675Wrong use of cryptographic primitives in FortiNAC6MediumFortiNAC version 9.4.0 through 9.4.1
FortiNAC 9.2 all versions
FortiNAC 9.1 all versions
FortiNAC 8.8 all versions

FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
Please upgrade to FortiNAC version 9.4.2 or above

Please upgrade to FortiNAC version 7.2.0 or above

FortiNAC Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-38378Ability to modify privileges from Custom to Read-Write in FortiOS & FortiProxy4MediumFortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.7
FortiOS 6.4 all versions
FortiOS 6.2 all versions

FortiOS 6.0 all versions
FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy 2.0 all versions

FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
Please upgrade to FortiOS version 7.2.1 or above

Please upgrade to FortiOS version 7.0.8 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above
CVE-2022-39948Lack of certificate verification when establishing secure connections with threat feed fabric connectors4.4MediumFortiProxy version 7.0.0 through 7.0.6
FortiProxy version 2.0 all versions
FortiProxy version 1.2 all versions
FortiOS version 7.2.0 through 7.2.3

FortiOS version 7.0.0 through 7.0.7
FortiOS version 6.4 all versions
FortiOS version 6.2 all versions
FortiOS version 6.0 all versions
Please upgrade to FortiProxy version 7.2.0 or above

Please upgrade to FortiProxy version 7.0.7 or above

Please upgrade to FortiOS version 7.2.4 or above

Please upgrade to FortiOS version 7.0.8 or above
CVE-2022-42472header injection in proxy login page in FortiOS & FortiProxy4MediumFortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy 1.2 all versions

FortiProxy 1.1 all versions
FortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS 6.4 all versions
FortiOS 6.2 all versions
FortiOS 6.0 all versions
Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above

Please upgrade to FortiProxy version 2.0.11 or above

Please upgrade to FortiOS version 7.2.3 or above

Please upgrade to FortiOS version 7.0.9 or above
CVE-2022-29054Flaws over DHCP and DNS keys encryption scheme in FortiOS / FortiProxy3.1LowFortiOS version 7.2.0
FortiOS version 7.0.0 through 7.0.7
FortiOS version 6.4 all versions
FortiOS version 6.2 all versions

FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0 all versions
FortiProxy version 1.2 all versions

FortiProxy version 1.1 all versions
Please upgrade to FortiOS version 7.2.1 or above

Please upgrade to FortiOS version 7.0.8 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above
CVE-2021-43074Padding oracle in cookie encryption in FortiOS, FortiWeb, FortiProxy and FortiSwitch4.1MediumFortiOS versions 7.0.3 and below.
FortiOS versions 6.4.8 and below,
FortiOS 6.2 all versions
FortiOS 6.0 all versions

FortiWeb 6.4 all versions
FortiWeb versions 6.3.16 and below,
FortiWeb 6.2 all versions
FortiWeb 6.1 all versions

FortiWeb 6.0 all versions
FortiProxy versions 7.0.1 and below,
FortiProxy versions 2.0.7 and below,
FortiProxy 1.2 all versions

FortiProxy 1.1 all versions
FortiProxy 1.0 all versions
FortiSwitch versions 7.0.3 and below,
FortiSwitch versions 6.4.10 and below,

FortiSwitch 6.2 all versions
FortiSwitch 6.0 all versions
Upgrade to FortiOS version 7.0.4 or above.

Upgrade to FortiOS version 6.4.9 or above.

Upgrade to FortiWeb version 7.0.0 or above.

Upgrade to FortiWeb version 6.3.17 or above.

Upgrade to FortiProxy version 7.0.2 or above.

Upgrade to FortiProxy version 2.0.8 or above.

Upgrade to FortiSwitch version 7.2.0 or above.

Upgrade to FortiSwitch version 7.0.4 or above.

Upgrade to FortiSwitch version 6.4.11 or above.
CVE-2022-41335Arbitrary read/write vulnerability in administrative interface in FortiOS, FortiProxy & FortiSwitchManager8.6HighFortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS version 6.4.0 through 6.4.10
FortiOS version 6.2.0 through 6.2.12

FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 1.2 all versions

FortiProxy version 1.1 all versions
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
Please upgrade to FortiOS version 7.2.3 or above

Please upgrade to FortiOS version 7.0.9 or above

Please upgrade to FortiOS version 6.4.11 or above

Please upgrade to FortiOS version 6.2.13 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above

Please upgrade to FortiProxy version 2.0.11 or above

Please upgrade to FortiSwitchManager version 7.2.1 or above

Please upgrade to FortiSwitchManager version 7.0.1 or above

FortiAnalyzer Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-30304XSS vulnerability due to AngularJS Client-Side Template injection in FortiAnalyzer6.5MediumFortiAnalyzer version 7.2.0 through 7.2.1.
FortiAnalyzer version 7.0.0 through 7.0.4
FortiAnalyzer version 6.4.0 through 6.4.8
FortiAnalyzer version 6.2.0 through 6.2.9

FortiAnalyzer version 6.0.0 through 6.0.11
Please upgrade to FortiAnalyzer version 7.2.2 or above

Please upgrade to FortiAnalyzer version 7.0.5 or above

Please upgrade to FortiAnalyzer version 6.4.9 or above

FortiAnalyzer Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-30304XSS vulnerability due to AngularJS Client-Side Template injection in FortiAnalyzer6.5MediumFortiAnalyzer version 7.2.0 through 7.2.1.
FortiAnalyzer version 7.0.0 through 7.0.4
FortiAnalyzer version 6.4.0 through 6.4.8
FortiAnalyzer version 6.2.0 through 6.2.9

FortiAnalyzer version 6.0.0 through 6.0.11
Please upgrade to FortiAnalyzer version 7.2.2 or above

Please upgrade to FortiAnalyzer version 7.0.5 or above

Please upgrade to FortiAnalyzer version 6.4.9 or above

FortiADC Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-27482OS command injection vulnerability in CLI in FortiADC7.4HighAt least
FortiADC version 7.0.0 through 7.0.1
FortiADC version 6.2.0 through 6.2.3
FortiADC 6.1 all versions
FortiADC 6.0 all versions

FortiADC 5.4 all versions
FortiADC 5.3 all versions
FortiADC 5.2 all versions
FortiADC 5.1 all versionsFortiADC 5.0 all versions
Please upgrade to FortiADC version 7.0.2 or above,

Please upgrade to FortiADC version 6.2.4 or above.

Fortisandbox Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-26115Improper password storage mechanism in FortiSandbox5.4MediumFortiSandbox version 4.0.0 through 4.0.2
FortiSandbox version 3.2.0 through 3.2.3
Upgrade to FortiSandbox version 4.2.0 and above.

Fortisandbox Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-43954Device password exposure in audit log in FortiPortal4.1MediumFortiPortal version 7.0.0 through 7.0.2Please upgrade to FortiPortal version 7.0.3 or above.

FortiWAN Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-33869Command injection vulnerability in FortiWAN8HighFortiWAN version 4.5.0 through 4.5.9
FortiWAN version 4.4.0 through 4.4.1
FortiWAN version 4.3.0 through 4.3.1
FortiWAN version 4.2.5 through 4.2.7

FortiWAN version 4.2.1 through 4.2.2
FortiWAN version 4.1.1 through 4.1.3
FortiWAN version 4.0.0 through 4.0.6
Please upgrade to FortiWAN version 4.5.10 or above

FortiAuthenticator Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-22302Disclosure of private keys corresponding to Apple (APNS) and Google (GCM) certificates in FortiOS, FortiAuthenticator5.3MediumFortiOS version 6.4.0 through 6.4.1
FortiOS version 6.2.0 through 6.2.9
FortiOS version 6.0.0 through 6.0.13
FortiAuthenticator version 6.1.0

FortiAuthenticator version 6.0.0 through 6.0.4
FortiAuthenticator 5.5 all versions
Please upgrade to FortiGate version 6.4.2 or above.

Please upgrade to FortiOS version 6.2.10 or above

Please upgrade to FortiOS version 6.0.14 or above

Please upgrade to FortiAuthenticator version 6.2.0 or above

Please upgrade to FortiAuthenticator version 6.1.1 or above

Please upgrade to FortiAuthenticator version 6.0.5 or above

Workaround in FortiOS:Disable the FTM push service by using the below commands:config system ftm-pushset status disableend

FortiSwitch Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2021-43074Padding oracle in cookie encryption in FortiOS, FortiWeb, FortiProxy and FortiSwitch4.1MediumFortiOS versions 7.0.3 and below.
FortiOS versions 6.4.8 and below,
FortiOS 6.2 all versions
FortiOS 6.0 all versions

FortiWeb 6.4 all versions
FortiWeb versions 6.3.16 and below,
FortiWeb 6.2 all versions
FortiWeb 6.1 all versions

FortiWeb 6.0 all versions
FortiProxy versions 7.0.1 and below,
FortiProxy versions 2.0.7 and below,
FortiProxy 1.2 all versions

FortiProxy 1.1 all versions
FortiProxy 1.0 all versions
FortiSwitch versions 7.0.3 and below,
FortiSwitch versions 6.4.10 and below,

FortiSwitch 6.2 all versions
FortiSwitch 6.0 all versions
Upgrade to FortiOS version 7.0.4 or above.

Upgrade to FortiOS version 6.4.9 or above.

Upgrade to FortiWeb version 7.0.0 or above.

Upgrade to FortiWeb version 6.3.17 or above.

Upgrade to FortiProxy version 7.0.2 or above.

Upgrade to FortiProxy version 2.0.8 or above.

Upgrade to FortiSwitch version 7.2.0 or above.

Upgrade to FortiSwitch version 7.0.4 or above.

Upgrade to FortiSwitch version 6.4.11 or above.

FortiSwitchManager Vulnerabilities

CVETitleCVSSv3 ScoreSeverityProducts AffectedProducts Fixed
CVE-2022-41335Arbitrary read/write vulnerability in administrative interface in FortiOS, FortiProxy & FortiSwitchManager8.6HighFortiOS version 7.2.0 through 7.2.2
FortiOS version 7.0.0 through 7.0.8
FortiOS version 6.4.0 through 6.4.10
FortiOS version 6.2.0 through 6.2.12

FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 1.2 all versions

FortiProxy version 1.1 all versions
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
Please upgrade to FortiOS version 7.2.3 or above

Please upgrade to FortiOS version 7.0.9 or above

Please upgrade to FortiOS version 6.4.11 or above

Please upgrade to FortiOS version 6.2.13 or above

Please upgrade to FortiProxy version 7.2.2 or above

Please upgrade to FortiProxy version 7.0.8 or above

Please upgrade to FortiProxy version 2.0.11 or above

Please upgrade to FortiSwitchManager version 7.2.1 or above

Please upgrade to FortiSwitchManager version 7.0.1 or above

We hope this post would help you know about the February 2023 Monthly PSIRT Advisory Report published by fortinet on 16th February 2023. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblrMedium & Instagram, and subscribe to receive updates like this. 

You may also like these articles:

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.

Recently added

Report

View All

Learn More About Cyber Security Security & Technology

“Knowledge Arsenal: Empowering Your Security Journey through Continuous Learning”

Cybersecurity All-in-One For Dummies - 1st Edition

"Cybersecurity All-in-One For Dummies" offers a comprehensive guide to securing personal and business digital assets from cyber threats, with actionable insights from industry experts.

Tools

Featured

View All

Learn Something New with Free Email subscription

Subscribe

Subscribe