December 4, 2023

Breaking Down the Latest June 2023 Monthly PSIRT Advisory Report From Fortinet

Fortinet has released its June 2023 Monthly PSIRT Advisory Report, which we cover in detail here. The report describes newly published security vulnerabilities affecting Fortinet products. We have also added a separate table that lists all the products affected by these vulnerabilities.

Through this report, you will understand the severity of each vulnerability and the steps needed to mitigate the risks, so that you can take the necessary actions to strengthen your security posture against potential threats.

Summary of June 2023 Monthly PSIRT Advisory Report

The Fortinet report has the following key points:

  1. The report lists 22 vulnerabilities, of which 1 is classified as Critical, 7 as High, 12 as Medium and 2 as Low.

  2. The products affected by these 22 vulnerabilities may include FortiOS, FortiProxy, FortiSIEM, FortiADC, FortiNAC, FortiManager, FortiAnalyzer, FortiWeb, FortiClientWindows, FortiADCManager, FortiSwitchManager, FortiConverter, and FortiOS-6K7K.

  3. The single Critical vulnerability, CVE-2023-27997, is a heap-based buffer overflow [CWE-122] in the FortiOS and FortiProxy SSL-VPN that may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Vulnerabilities by Category:

The June 2023 Monthly PSIRT Advisory Report presents 21 vulnerabilities affecting multiple FortiGate products. Below is a table giving the overview of each vulnerability type identified in the report: 

Vulnerability Type                                                          Number of Occurrences
NULL pointer dereference vulnerability [CWE-476]                                      3
Command injection vulnerability [CWE-78]                                              2
Incorrect default permissions vulnerability [CWE-276]                                 1
Server-side request forgery (SSRF) vulnerability [CWE-918]                            1
Access control vulnerability [CWE-284]                                                2
Access of uninitialized pointer vulnerability [CWE-824]                               1
Format string vulnerability [CWE-134]                                                 2
Heap-based buffer overflow vulnerability [CWE-122]                                    1
Improper certificate validation vulnerability [CWE-295]                               1
Out-of-bounds write vulnerability [CWE-787]                                           1
Insertion of sensitive information into log file vulnerability [CWE-532]              1
Relative path traversal vulnerability [CWE-23]                                        1
Loop with unreachable exit condition ('Infinite Loop') vulnerability [CWE-835]        1
Cleartext transmission of sensitive information vulnerability [CWE-319]               1
Improper restriction of excessive authentication attempts [CWE-307]                   1
Plaintext storage of a password vulnerability [CWE-256]                               1
Broken or risky cryptographic algorithm [CWE-327]                                     1

Vulnerabilities by Product

Please refer to this table if you want to know the list of vulnerabilities by the Fortinet products.

Comprehensive List of Vulnerabilities Patched in June 2023 Monthly PSIRT Advisory Report

This table shows the breakdown of all 22 vulnerabilities published in the June 2023 Monthly PSIRT Advisory Report.

Each entry lists the CVE, Summary, CVSSv3 Score, Severity, Products Affected and Product Fixed.

CVE-2023-27997
  Summary: A heap-based buffer overflow vulnerability [CWE-122] in FortiOS and FortiProxy SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.
  CVSSv3 Score: 9.2
  Severity: Critical
  Products Affected: FortiOS-6K7K version 7.0.10; FortiOS-6K7K version 7.0.5; FortiOS-6K7K version 6.4.12; FortiOS-6K7K version 6.4.10; FortiOS-6K7K version 6.4.8; FortiOS-6K7K version 6.4.6; FortiOS-6K7K version 6.4.2; FortiOS-6K7K version 6.2.9 through 6.2.13; FortiOS-6K7K version 6.2.6 through 6.2.7; FortiOS-6K7K version 6.2.4; FortiOS-6K7K version 6.0.12 through 6.0.16; FortiOS-6K7K version 6.0.10; FortiProxy version 7.2.0 through 7.2.3; FortiProxy version 7.0.0 through 7.0.9; FortiProxy version 2.0.0 through 2.0.12; FortiProxy 1.2 all versions; FortiProxy 1.1 all versions; FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.11; FortiOS version 6.4.0 through 6.4.12; FortiOS version 6.2.0 through 6.2.13; FortiOS version 6.0.0 through 6.0.16
  Product Fixed: Workaround: Disable SSL-VPN. Upgrade to FortiOS-6K7K version 7.0.12 or above; FortiOS-6K7K version 6.4.13 or above; FortiOS-6K7K version 6.2.15 or above; FortiOS-6K7K version 6.0.17 or above; FortiProxy version 7.2.4 or above; FortiProxy version 7.0.10 or above; FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above; FortiOS version 6.4.13 or above; FortiOS version 6.2.14 or above; FortiOS version 6.0.17 or above

CVE-2023-29181
  Summary: A use of externally-controlled format string vulnerability [CWE-134] in the Fclicense daemon of FortiOS may allow a remote authenticated attacker to execute arbitrary code or commands via specially crafted requests.
  CVSSv3 Score: 8.3
  Severity: High
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.11; FortiOS version 6.4.0 through 6.4.12; FortiOS version 6.2.0 through 6.2.14; FortiOS 6.0 all versions
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above; FortiOS version 6.4.13 or above; FortiOS version 6.2.15 or above

CVE-2022-42478
  Summary: An improper restriction of excessive authentication attempts [CWE-307] in FortiSIEM may allow an unauthenticated user with access to several endpoints to perform a brute force attack on these endpoints.
  CVSSv3 Score: 8.1
  Severity: High
  Products Affected: FortiSIEM version 6.7.0; FortiSIEM 6.6 all versions; FortiSIEM 6.5 all versions; FortiSIEM 6.4 all versions; FortiSIEM 6.3 all versions; FortiSIEM 6.2 all versions; FortiSIEM 6.1 all versions; FortiSIEM 5.4 all versions; FortiSIEM 5.3 all versions; FortiSIEM 5.2 all versions; FortiSIEM 5.1 all versions
  Product Fixed: Upgrade to FortiSIEM version 7.0.0 or above; FortiSIEM version 6.7.1 or above

CVE-2023-26210
  Summary: Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in FortiADC & FortiADC Manager may allow a local authenticated attacker to execute arbitrary shell code as `root` user via crafted CLI requests.
  CVSSv3 Score: 7.8
  Severity: High
  Products Affected: FortiADC version 7.2.0; FortiADC version 7.1.0 through 7.1.2; FortiADC 7.0 all versions; FortiADC 6.2 all versions; FortiADC 6.1 all versions; FortiADC 6.0 all versions; FortiADC 5.4 all versions; FortiADC 5.3 all versions; FortiADC 5.2 all versions; At least FortiADCManager version 7.1.0; FortiADCManager version 7.0.0; FortiADCManager 6.2 all versions; FortiADCManager 6.1 all versions; FortiADCManager 6.0 all versions; FortiADCManager 5.4 all versions; FortiADCManager 5.3 all versions; FortiADCManager 5.2 all versions
  Product Fixed: Upgrade to FortiADC version 7.2.1 or above; FortiADC version 7.1.3 or above; FortiADCManager version 7.2.0 or above; FortiADCManager version 7.1.1 or above; FortiADCManager version 7.0.1 or above

CVE-2022-41327
  Summary: A cleartext transmission of sensitive information vulnerability [CWE-319] in FortiOS & FortiProxy may allow an authenticated attacker with read-only superadmin privileges to intercept traffic in order to obtain other administrators' cookies via diagnose CLI commands.
  CVSSv3 Score: 7.6
  Severity: High
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.8; FortiProxy version 7.2.0 through 7.2.1; FortiProxy version 7.0.0 through 7.0.7
  Product Fixed: Upgrade to FortiOS version 7.2.5 or above; FortiOS version 7.0.9 or above; FortiProxy version 7.2.2 or above; FortiProxy version 7.0.8 or above

CVE-2023-29180
  Summary: A NULL pointer dereference vulnerability [CWE-476] in FortiOS may allow a remote unauthenticated attacker to crash the SSL-VPN daemon via specially crafted HTTP requests.
  CVSSv3 Score: 7.3
  Severity: High
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.11; FortiOS version 6.4.0 through 6.4.12; FortiOS version 6.2.0 through 6.2.14; FortiOS version 6.0.0 through 6.0.16
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above; FortiOS version 6.4.13 or above; FortiOS version 6.2.15 or above; FortiOS version 6.0.17 or above

CVE-2022-39946
  Summary: An access control vulnerability [CWE-284] in FortiNAC may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests.
  CVSSv3 Score: 7.2
  Severity: High
  Products Affected: At least FortiNAC version 9.4.0 through 9.4.2; FortiNAC 9.2.0 through 9.2.7; FortiNAC 9.1 all versions; FortiNAC 8.8 all versions; FortiNAC 8.7 all versions; FortiNAC 8.6 all versions; FortiNAC 8.5 all versions
  Product Fixed: Upgrade to FortiNAC-F version 7.2.0 or above; FortiNAC version 9.4.3 or above; FortiNAC version 9.2.8 or above

CVE-2023-22633
  Summary: An improper permissions, privileges, and access controls vulnerability [CWE-264] in FortiNAC may allow an unauthenticated attacker to perform a DoS attack on the device via client-secure renegotiation.
  CVSSv3 Score: 7.2
  Severity: High
  Products Affected: At least FortiNAC-F version 7.2.0; FortiNAC version 9.4.0 through 9.4.1; FortiNAC version 9.2.0 through 9.2.6; FortiNAC version 9.1.0 through 9.1.8; FortiNAC 8.8.0 all versions; FortiNAC 8.7.0 all versions
  Product Fixed: Upgrade to FortiNAC-F version 7.2.1 or above; FortiNAC version 9.4.2 or above; FortiNAC version 9.2.7 or above; FortiNAC version 9.1.9 or above

CVE-2022-33877
  Summary: An incorrect default permissions [CWE-276] vulnerability in FortiClient (Windows) and FortiConverter (Windows) may allow a local authenticated attacker to tamper with files in the installation folder, if FortiClient or FortiConverter is installed in an insecure folder.
  CVSSv3 Score: 6.8
  Severity: Medium
  Products Affected: FortiClientWindows version 7.0.0 through 7.0.6; FortiClientWindows version 6.4.0 through 6.4.8; FortiConverter version 7.0.0; FortiConverter 6.2 all versions; FortiConverter 6.0 all versions
  Product Fixed: Upgrade to FortiClientWindows version 7.0.7 or above; FortiClientWindows version 6.4.9 or above; FortiConverter version 7.0.1 or above; FortiConverter version 6.2.2 or above

CVE-2023-33306
  Summary: A NULL pointer dereference vulnerability [CWE-476] in SSL-VPN may allow an authenticated remote attacker to trigger a crash of the SSL-VPN service via crafted requests.
  CVSSv3 Score: 6.4
  Severity: Medium
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.10; FortiProxy version 7.2.0 through 7.2.2; FortiProxy version 7.0.0 through 7.0.8
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.11 or above; FortiOS version 6.4.13 or above; FortiProxy version 7.2.4 or above; FortiProxy version 7.2.3 or above; FortiProxy version 7.0.9 or above; FortiProxy version 7.0.10 or above

CVE-2023-29179
  Summary: A NULL pointer dereference vulnerability [CWE-476] in FortiOS may allow an authenticated attacker to crash the SSL-VPN daemon via specially crafted HTTP requests to the /proxy endpoint.
  CVSSv3 Score: 6.4
  Severity: Medium
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.11; FortiOS version 6.4.0 through 6.4.12
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above; FortiOS version 6.4.13 or above

CVE-2023-28000
  Summary: An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC CLI may allow a local and authenticated attacker to execute unauthorized commands via specifically crafted arguments in the diagnose system df CLI command.
  CVSSv3 Score: 6.3
  Severity: Medium
  Products Affected: FortiADC version 7.1.0; FortiADC version 7.0.0 through 7.0.3; FortiADC version 6.2.0 through 6.2.4; FortiADC 6.1 all versions; FortiADC 6.0 all versions
  Product Fixed: Upgrade to FortiADC version 7.1.1 or above; FortiADC version 7.0.4 or above; FortiADC version 6.2.5 or above

CVE-2022-43953
  Summary: A format string vulnerability [CWE-134] in the command line interpreter of FortiOS and FortiProxy may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
  CVSSv3 Score: 6.3
  Severity: Medium
  Products Affected: FortiOS version 7.2.0 through 7.2.4; FortiOS all versions 7.0, 6.4, 6.2; FortiProxy version 7.2.0 through 7.2.1; FortiProxy version 7.0.0 through 7.0.7
  Product Fixed: Upgrade to FortiProxy version 7.2.2 or above; FortiProxy version 7.0.8 or above; FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above; FortiOS version 6.4.13 or above

CVE-2023-22639
  Summary: An out-of-bounds write vulnerability [CWE-787] in the Command Line Interface of FortiOS and FortiProxy may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted commands.
  CVSSv3 Score: 6.3
  Severity: Medium
  Products Affected: FortiOS version 7.2.0 through 7.2.3; FortiOS version 7.0.0 through 7.0.10; FortiOS version 6.4.0 through 6.4.12; FortiOS 6.2 all versions; FortiOS 6.0 all versions; FortiProxy version 7.2.0 through 7.2.2; FortiProxy version 7.0.0 through 7.0.8; FortiProxy 2.0 all versions; FortiProxy 1.2 all versions; FortiProxy 1.1 all versions; FortiProxy 1.0 all versions
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.4 or above; FortiOS version 7.0.11 or above; FortiOS version 6.4.13 or above; FortiProxy version 7.2.3 or above; FortiProxy version 7.0.9 or above

CVE-2022-42474
  Summary: Use of a broken or risky cryptographic algorithm [CWE-327] in FortiSIEM may allow a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods.
  CVSSv3 Score: 6.2
  Severity: Medium
  Products Affected: FortiOS version 7.2.0 through 7.2.3; FortiOS version 7.0.0 through 7.0.9; FortiOS version 6.4.0 through 6.4.12; FortiOS 6.2 all versions; FortiSwitchManager version 7.2.0 through 7.2.1; FortiSwitchManager version 7.0.0 through 7.0.1; FortiProxy version 7.2.0 through 7.2.1; FortiProxy version 7.0.0 through 7.0.7; FortiProxy version 2.0.0 through 2.0.11; FortiProxy 1.2 all versions; FortiProxy 1.1 all versions; FortiProxy 1.0 all versions
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiOS version 7.2.4 or above; FortiOS version 7.0.10 or above; FortiOS version 6.4.13 or above; FortiSwitchManager version 7.2.2 or above; FortiSwitchManager version 7.0.2 or above; FortiProxy version 7.2.2 or above; FortiProxy version 7.0.8 or above; FortiProxy version 2.0.12 or above

CVE-2022-43949
  Summary: The use of a broken or risky cryptographic algorithm [CWE-327] in FortiSIEM may allow a remote unauthenticated attacker to perform brute force attacks on GUI endpoints via taking advantage of outdated hashing methods.
  CVSSv3 Score: 5.9
  Severity: Medium
  Products Affected: FortiSIEM version 6.7.0 through 6.7.1; FortiSIEM 6.6 all versions; FortiSIEM 6.5 all versions; FortiSIEM 6.4 all versions; FortiSIEM 6.3 all versions; FortiSIEM 6.2 all versions; FortiSIEM 6.1 all versions; FortiSIEM 5.4 all versions; FortiSIEM 5.3 all versions
  Product Fixed: Upgrade to FortiSIEM version 7.0.0 or above; FortiSIEM version 6.7.2 or above

CVE-2023-33305
  Summary: A loop with unreachable exit condition ('Infinite Loop') vulnerability [CWE-835] in FortiOS, FortiProxy and FortiWeb may allow an authenticated attacker to perform a denial of service via a specially crafted firmware image.
  CVSSv3 Score: 4.9
  Severity: Medium
  Products Affected: FortiWeb version 7.2.0 through 7.2.1; FortiWeb version 7.0.0 through 7.0.6; FortiWeb 6.4 all versions; FortiWeb 6.3 all versions; FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.10; FortiOS 6.4 all versions; FortiOS 6.2 all versions; FortiOS 6.0 all versions; FortiProxy version 7.2.0 through 7.2.3; FortiProxy version 7.0.0 through 7.0.9; FortiProxy 2.0 all versions; FortiProxy 1.2 all versions; FortiProxy 1.1 all versions; FortiProxy 1.0 all versions
  Product Fixed: Upgrade to FortiPAM version 1.0.0 or above; FortiWeb version 7.2.2 or above; FortiWeb version 7.0.7 or above; FortiOS version 7.4.0 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.11 or above; FortiProxy version 7.2.4 or above; FortiProxy version 7.0.10 or above

CVE-2023-29175
  Summary: An improper certificate validation vulnerability [CWE-295] in FortiOS and FortiProxy may allow a remote and unauthenticated attacker to perform a Man-in-the-Middle attack on the communication channel between the vulnerable device and the remote FortiGuard's map server.
  CVSSv3 Score: 4.4
  Severity: Medium
  Products Affected: FortiOS 7.2.0; FortiOS 7.0.0 through 7.0.10; FortiOS 6.4 all versions; FortiOS 6.2 all versions; FortiProxy version 7.2.0 through 7.2.3; FortiProxy version 7.0.0 through 7.0.9; FortiProxy 2.0 all versions; FortiProxy 1.2 all versions
  Product Fixed: Upgrade to FortiOS version 7.2.1 or above; FortiOS version 7.0.11 or above; FortiProxy version 7.2.4 or above; FortiProxy version 7.0.10 or above

CVE-2023-25609
  Summary: A server-side request forgery (SSRF) vulnerability [CWE-918] in FortiManager and FortiAnalyzer GUI may allow a remote and authenticated attacker to access unauthorized files and services on the system via specially crafted web requests.
  CVSSv3 Score: 4.2
  Severity: Medium
  Products Affected: FortiAnalyzer version 7.2.0 through 7.2.1; FortiAnalyzer version 7.0.0 through 7.0.6; FortiAnalyzer version 6.4.8 through 6.4.11; FortiManager version 7.2.0 through 7.2.1; FortiManager version 7.0.0 through 7.0.6; FortiManager version 6.4.8 through 6.4.11
  Product Fixed: Upgrade to FortiAnalyzer version 7.2.2 or above; FortiAnalyzer version 7.0.7 or above; FortiAnalyzer version 6.4.12 or above; FortiManager version 7.2.2 or above; FortiManager version 7.0.7 or above; FortiManager version 6.4.12 or above

CVE-2023-29178
  Summary: An access of uninitialized pointer vulnerability [CWE-824] in the FortiOS administrative interface API may allow an authenticated attacker to repetitively crash the httpsd process via crafted HTTP or HTTPS requests.
  CVSSv3 Score: 4.1
  Severity: Medium
  Products Affected: FortiProxy version 7.2.0 through 7.2.3; FortiProxy version 7.0.0 through 7.0.9; FortiProxy 2.0 all versions; FortiProxy 1.2 all versions; FortiProxy 1.1 all versions; FortiOS version 7.2.0 through 7.2.4; FortiOS version 7.0.0 through 7.0.11; FortiOS 6.4 all versions; FortiOS 6.2 all versions; FortiOS 6.0 all versions
  Product Fixed: Upgrade to FortiProxy version 7.2.4 or above; FortiProxy version 7.0.10 or above; FortiOS version 7.2.5 or above; FortiOS version 7.0.12 or above

CVE-2023-26204
  Summary: A plaintext storage of a password vulnerability [CWE-256] in FortiSIEM may allow an attacker able to access user DB content to impersonate any admin user on the device GUI.
  CVSSv3 Score: 3.6
  Severity: Low
  Products Affected: FortiSIEM 6.7 all versions; FortiSIEM 6.6 all versions; FortiSIEM 6.5 all versions; FortiSIEM 6.4 all versions; FortiSIEM 6.3 all versions; FortiSIEM 6.2 all versions; FortiSIEM 6.1 all versions; FortiSIEM 5.4 all versions; FortiSIEM 5.3 all versions
  Product Fixed: Upgrade to FortiSIEM version 7.0.0 or above

CVE-2023-26207
  Summary: An insertion of sensitive information into log file vulnerability [CWE-532] in FortiOS / FortiProxy log events may allow a remote authenticated attacker to read certain passwords in plain text.
  CVSSv3 Score: 3.3
  Severity: Low
  Products Affected: FortiOS 7.2 all versions; FortiProxy version 7.2.0 through 7.2.1; FortiProxy 7.0 all versions
  Product Fixed: Upgrade to FortiOS version 7.4.0 or above; FortiProxy version 7.2.2 or above
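To turn the "Products Affected" and "Product Fixed" wording above into a repeatable patch-triage check, here is an added Python example (it is not from the original post or from Fortinet) that parses the CVE-2023-27997 FortiOS and FortiProxy entries exactly as phrased in the table and reports whether an installed version sits in an affected range and which fixed release applies. The FortiOS-6K7K point-release entries are left out, and the product/version pairs fed to it are constructed for illustration.

```python
import re

# Affected-version phrases for CVE-2023-27997, copied from the table above
# (FortiOS and FortiProxy only; the FortiOS-6K7K point releases are omitted).
AFFECTED_CVE_2023_27997 = [
    "FortiOS version 7.2.0 through 7.2.4",
    "FortiOS version 7.0.0 through 7.0.11",
    "FortiOS version 6.4.0 through 6.4.12",
    "FortiOS version 6.2.0 through 6.2.13",
    "FortiOS version 6.0.0 through 6.0.16",
    "FortiProxy version 7.2.0 through 7.2.3",
    "FortiProxy version 7.0.0 through 7.0.9",
    "FortiProxy version 2.0.0 through 2.0.12",
    "FortiProxy 1.2 all versions",
    "FortiProxy 1.1 all versions",
]

# First fixed release per (product, branch), from the "Product Fixed" column.
# Branches with no fixed release listed (FortiProxy 2.0, 1.2, 1.1) are absent.
FIXED_CVE_2023_27997 = {
    ("FortiOS", "7.2"): "7.2.5", ("FortiOS", "7.0"): "7.0.12",
    ("FortiOS", "6.4"): "6.4.13", ("FortiOS", "6.2"): "6.2.14",
    ("FortiOS", "6.0"): "6.0.17",
    ("FortiProxy", "7.2"): "7.2.4", ("FortiProxy", "7.0"): "7.0.10",
}

WORKAROUND = "disable SSL-VPN"  # interim workaround named in the advisory

RANGE_RE = re.compile(r"^(\S+) version (\d+\.\d+\.\d+) through (\d+\.\d+\.\d+)$")
ALL_RE = re.compile(r"^(\S+) (\d+\.\d+) all versions$")


def parse_version(text):
    """'7.0.11' -> (7, 0, 11); a bare branch like '1.2' is padded to (1, 2, 0)."""
    parts = [int(x) for x in text.strip().split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def parse_range(phrase):
    """One advisory phrase -> (product, lowest, highest); bounds are inclusive."""
    m = RANGE_RE.match(phrase)
    if m:
        return m.group(1), parse_version(m.group(2)), parse_version(m.group(3))
    m = ALL_RE.match(phrase)
    if m:  # "X a.b all versions" covers every patch level of branch a.b
        major, minor = (int(x) for x in m.group(2).split("."))
        return m.group(1), (major, minor, 0), (major, minor, 10**9)
    raise ValueError(f"unrecognised advisory phrase: {phrase!r}")


def check(product, version, affected=AFFECTED_CVE_2023_27997, fixed=FIXED_CVE_2023_27997):
    """Return (status, advice) for an installed product/version pair."""
    v = parse_version(version)
    for phrase in affected:
        prod, low, high = parse_range(phrase)
        if prod == product and low <= v <= high:
            branch = f"{v[0]}.{v[1]}"
            fix = fixed.get((product, branch))
            if fix is None:  # affected branch with no fixed release in the advisory
                return "affected", f"no fixed release listed for {product} {branch}; move to a fixed branch, {WORKAROUND} meanwhile"
            return "affected", f"upgrade to {product} version {fix} or above ({WORKAROUND} until patched)"
    return "not affected", None


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    for prod, ver in [("FortiOS", "7.0.11"), ("FortiOS", "7.0.12"), ("FortiProxy", "1.2.13")]:
        print(prod, ver, *check(prod, ver))
```

The same two regexes cover every FortiOS and FortiProxy range phrase in the table, so the lists can be swapped for another CVE's entries without changing the code.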

This report presents the complete details of the June 2023 Monthly PSIRT Advisory Report that Fortinet released on June 12, 2023. With it, you can stay up to date with all newly released vulnerabilities and the recommended steps to take to avoid being affected by them. You can also share this post and help make the digital world more secure. If you want more regular posts on topics like these, please visit our website thesecmaster.com, follow us on our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, and Medium, and subscribe to our content.

Arun KL

Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
