Table of Contents
April 17, 2023
|10m
Breaking Down the Latest April 2023 Monthly PSIRT Advisory Report From Fortinet
InfoSec |
This report highlights that the April 2023 Monthly PSIRT Advisory Report from Fortinet has been released, and we have broken it down in detail. The report contains information about new security vulnerabilities and Fortinet products or service updates. By reviewing and understanding the report, individuals and organizations can take necessary actions to enhance their security posture and protect against potential cyber threats.
Summary of April 2023 Monthly PSIRT Advisory Report
Fortinet released the April 2023 Monthly PSIRT Advisory Report early this week. Let’s see the summary of the report:
The report listed 21 vulnerabilities, of which 1 is classified as critical, 9 are classified as High, 10 are Medium, and 1 is Low in severity.
The Critical vulnerability identified is CVE-2022-4133.
The products affected by this list of 40 vulnerabilities may include FortiOS, FortiProxy, FortiADC, FortiClientWindows, FortiWeb, FortiAnalyzer, FortiSandbox, FortiAuthenticator, FortiManager, FortiNAC, FortiSIEM, FortiDDoS, FortiCleintMac, FortiClientMac, FortiSOAR, FortiDDoS-F, FortiDeceptor, and FortiPresence.
Vulnerabilities by Category
The April 2023 Monthly PSIRT Advisory Report has classified 21 vulnerabilities into 14 categories. The most commonly found vulnerability is command injection, Arbitrary file creation from unprivileged users. SQL injection and Cross-site scripting have been identified 2 times in the report. All other vulnerabilities occurred only one time.
For more details, please refer to the table on various vulnerability types identified in the report.
| Vulnerability Type | Number of Occurrences |
| Server-side Template Injection | 1 |
| Command injection | 2 |
| Arbitrary file creation from unprivileged users | 2 |
| Privilege escalation vulnerability | 1 |
| Open redirect | 1 |
| SQL injection | 2 |
| Cross-site scripting | 2 |
| XSS vulnerability | 1 |
| Improper write access | 1 |
| Improper privilege management | 1 |
| Anti brute-force bypass | 1 |
| Lack of client-side certificate validation | 1 |
| Unfiltered access via NGFW Mode | 1 |
| Reflected XSS | 1 |
Vulnerabilities by Product
Below is the table containing all the vulnerabilities by products:
| Fortinet Product | Number of Occurrence |
| FortiOS | 4 |
| FortiProxy | 4 |
| FortiADC | 3 |
| FortiClientWindows | 3 |
| FortiWeb | 2 |
| FortiAnalyzer | 2 |
| FortiSandbox | 2 |
| FortiAuthenticator | 2 |
| FortiManager | 1 |
| FortiNAC | 1 |
| FortiSIEM | 1 |
| FortiDDoS | 1 |
| FortiCleintMac | 1 |
| FortiClientMac | 1 |
| FortiSOAR | 1 |
| FortiDDoS-F | 1 |
| FortiDeceptor | 1 |
| FortiPresence | 1 |
List of Critical Vulnerabilities April 2023 Monthly PSIRT Advisory Report
CVE-2022-41331 is a vulnerability in the on-prem infrastructure server of FortiPresence that could lead to a missing authentication for a critical function [CWE-306]. As a result, an remote/unauthenticated attacker can gain access to the Redis and MongoDB instances by using specially crafted authentication requests.
It is worth noting that this vulnerability affects only a small number of deployed on-prem instances. The Cloud instances of FortiPresence, however, are not affected.
| CVE ID | Vulnerability | Vulnerable Product/Application | Solution |
| CVE-2022-41331 | FortiPresence – Unpassworded remotely accessible Redis & MongoDB | FortiPresence 1.2 all versionsFortiPresence 1.1 all versionsFortiPresence 1.0 all versions | upgrade to FortiPresence version 2.0.0 or above |
Comprehensive List of Vulnerabilities Patched in April 2023 Monthly PSIRT Advisory Report
| CVE | Title | CVSSv3 Score | Severity | Products Affected | Product Fixed |
| CVE-2022-0847 | CVE-2022-0847 on Linux Kernel | 7.1 | High | FortiAuthenticator version 6.3.0 through 6.3.3FortiAuthenticator version 6.4.0 through 6.4.1FortiProxy version 7.0.0 through 7.0.3FortiSIEM version 6.1.0 through 6.1.2FortiSIEM version 6.2.0 through 6.2.1FortiSIEM version 6.3.0 through 6.3.3FortiSIEM version 6.4.0 | Upgrade to FortiAuthenticator version 6.5.0 or aboveUpgrade to FortiAuthenticator version 6.4.2 or aboveUpgrade to FortiAuthenticator version 6.3.4 or aboveUpgrade to FortiProxy version 7.2.0 or aboveUpgrade to FortiProxy version 7.0.4 or aboveUpgrade to FortiSIEM version 6.5.0 or aboveUpgrade to FortiSIEM version 6.4.1 or above |
| CVE-2022-40679 | FortiADC & FortiDDoS & FortiDDoS-F – Command injection in log & report module | 7.1 | High | FortiDDoS-F version 6.4.0FortiDDoS-F version 6.3.0 through 6.3.3FortiDDoS-F version 6.2.0 through 6.2.2FortiDDoS-F version 6.1.0 through 6.1.4FortiDDoS version 5.6 all versionsFortiDDoS version 5.5 all versionsFortiDDoS version 5.4 all versionsFortiDDoS version 5.3 all versionsFortiDDoS version 5.2 all versionsFortiDDoS version 5.1 all versionsFortiDDoS version 5.0 all versionsFortiDDoS version 4.x all versionsFortiADC version 7.1.0FortiADC version 7.0.0 through 7.0.3FortiADC version 6.2.0 through 6.2.4FortiADC version 6.1 all versionsFortiADC version 6.0 all versionsFortiADC version 5.x all versions | Upgrade to FortiDDoS-F version 6.4.1 or aboveUpgrade to FortiDDoS-F version 6.3.4 or aboveUpgrade to FortiDDoS-F version 6.2.3 or aboveUpgrade to FortiDDoS-F version 6.1.5 or aboveUpgrade to FortiDDoS version 5.7.0 or aboveUpgrade to FortiADC version 7.1.1 or aboveUpgrade to FortiADC version 7.0.4 or aboveUpgrade to FortiADC version 6.2.5 or above |
| CVE-2022-43952 | FortiADC – Cross-Site Scripting in Fabric Connectors | 3.3 | Low | FortiADC version 7.1.0 through 7.1.1FortiADC version 7.0.0 through 7.0.3FortiADC version 6.2.0 through 6.2.5 | Upgrade to FortiADC version 7.1.2 or aboveUpgrade to FortiADC version 7.0.4 or aboveUpgrade to FortiADC version 6.2.6 or above |
| CVE-2023-22642 | FortiAnalyzer & FortiManager – Lack of client-side certificate validation when establishing secure connections with FortiGuard to download outbreakalert | 6.8 | Medium | FortiManager version 7.2.0 through 7.2.1FortiManager version 7.0.0 through 7.0.5FortiManager version 6.4.8 through 6.4.10FortiAnalyzer version 7.2.0 through 7.2.1FortiAnalyzer version 7.0.0 through 7.0.5FortiAnalyzer version 6.4.8 through 6.4.10 | Upgrade to FortiManager version 7.2.2 or aboveUpgrade to FortiManager version 7.0.6 or aboveUpgrade to FortiManager version 6.4.11 or aboveUpgrade to FortiAnalyzer version 7.2.2 or aboveUpgrade to FortiAnalyzer version 7.0.6 or aboveUpgrade to FortiAnalyzer version 6.4.11 or above |
| CVE-2022-42477 | FortiAnalyzer – Improper input validation in custom dataset | 6.5 | Medium | FortiAnalyzer version 7.2.1 and below,FortiAnalyzer version 7.0.6 and below,FortiAnalyzer 6.4 all versions. | Upgrade to FortiAnalyzer version 7.2.2 or aboveUpgrade to FortiAnalyzer version 7.0.7 or above |
| CVE-2022-35850 | FortiAuthenticator – Reflected XSS in the password reset page | 4.2 | Medium | FortiAuthenticator version 6.4.0 through 6.4.6FortiAuthenticator version 6.3.0 through 6.3.3FortiAuthenticator 6.2 all versionsFortiAuthenticator 6.1 all versions | Upgrade to FortiAuthenticator version 6.5.0 or aboveUpgrade to FortiAuthenticator version 6.4.7 or aboveUpgrade to FortiAuthenticator version 6.3.4 or above |
| CVE-2023-22635 | FortiClient (Mac) – update functionality may lead to privilege escalation vulnerability | 6.9 | Medium | FortiClientMac version 7.0.0 through 7.0.7FortiClientMac version 6.4 all versionsFortiClientMac version 6.2 all versionsFortiClientMac version 6.0 all versions | Upgrade to FortiClientMac version 7.0.8 or above.Upgrade to FortiClientMac version 7.2.0 or above. |
| CVE-2022-40682 | FortiClient (Windows) – Arbitrary file creation from unprivileged users due to process impersonation | 7.1 | High | FortiClientWindows version 7.0.0 through 7.0.7FortiClientWindows version 6.4.0 through 6.4.9FortiClientWindows version 6.2.0 through 6.2.9FortiClientWindows version 6.0.0 through 6.0.10 | Upgrade to FortiClientWindows version 7.2.0 or aboveUpgrade to FortiClientWindows version 7.0.8 or above |
| CVE-2022-43946 | FortiClient (Windows) – Improper write access over FortiClient pipe object | 7.3 | High | FortiClientWindows version 7.0.0 through 7.0.7FortiClientWindows version 6.4 all versionsFortiClientWindows version 6.2 all versionsFortiClientWindows version 6.0 all versions | Upgrade to FortiClientWindows version 7.2.0 or aboveUpgrade to FortiClientWindows version 7.0.8 or above |
| CVE-2022-42470 | FortiClientWindows – Arbitrary file creation by unprivileged users | 7.1 | High | FortiClientWindows version 7.0.0 through 7.0.7FortiClientWindows 6.4 all versionsFortiClientWindows 6.2 all versionsFortiClientWindows 6.0 all versions | Upgrade to FortiClientWindows version 7.2.0 or aboveUpgrade to FortiClientWindows version 7.0.8 or above |
| CVE-2022-42469 | FortiGate – Policy-based NGFW SSL VPN mode doesn’t filter accesses via Bookmarks | 4.1 | Medium | FortiOS version 7.2.0 through 7.2.3FortiOS version 7.0.0 through 7.0.9 | Upgrade to FortiOS version 7.2.4 or aboveUpgrade to FortiOS version 7.0.11 or above |
| CVE-2022-43951 | FortiNAC – Report disclosure to unauthenticated users | 4.8 | Medium | At leastFortiNAC version 9.4.0 through 9.4.1FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC-F version 7.2.0 or aboveUpgrade to FortiNAC version 9.4.2 or above |
| CVE-2022-43947 | FortiOS & FortiProxy – Anti brute-force bypass in administrative interface | 4.7 | Medium | FortiProxy version 7.2.0 through 7.2.1FortiProxy version 7.0.0 through 7.0.7FortiProxy 2.0 all versionsFortiProxy 1.2 all versionsFortiProxy 1.1 all versionsFortiProxy 1.0 all versionsFortiOS version 7.2.0 through 7.2.3FortiOS version 7.0.0 through 7.0.10FortiOS version 6.4.0 through 6.4.12FortiOS 6.2 all versions | Upgrade to FortiProxy version 7.2.2 or aboveUpgrade to FortiProxy version 7.0.8 or aboveUpgrade to FortiOS version 7.2.4 or aboveUpgrade to FortiOS version 7.0.11 or aboveUpgrade to FortiOS version 6.4.13 or above |
| CVE-2022-41330 | FortiOS & FortiProxy – Cross Site Scripting vulnerabilities in administrative interface | 8.3 | High | FortiProxy version 7.2.0 through 7.2.1FortiProxy version 7.0.0 through 7.0.7FortiOS version 7.2.0 through 7.2.3FortiOS version 7.0.0 through 7.0.9FortiOS version 6.4.0 through 6.4.11FortiOS version 6.2.0 through 6.2.12 | upgrade to FortiProxy version 7.2.2 or aboveUpgrade to FortiProxy version 7.0.8 or aboveUpgrade to FortiOS version 7.2.4 or aboveUpgrade to FortiOS version 7.0.10 or aboveUpgrade to FortiOS version 6.4.12 or aboveUpgrade to FortiOS version 6.2.13 or above |
| CVE-2023-22641 | FortiOS & FortiProxy – Open redirect in sslvpnd | 4.1 | Medium | FortiOS version 7.2.0 through 7.2.3FortiOS version 7.0.0 through 7.0.9FortiOS version 6.4.0 through 6.4.12FortiOS all versions 6.2, 6.0FortiProxy version 7.2.0 through 7.2.2FortiProxy version 7.0.0 through 7.0.8FortiProxy all versions 2.0, 1.2, 1.1, 1.0 | Upgrade to FortiProxy version 7.2.3 or aboveUpgrade to FortiProxy version 7.0.9 or aboveUpgrade to FortiOS version 7.2.4 or aboveUpgrade to FortiOS version 7.0.10 or aboveUpgrade to FortiOS version 6.4.13 or above |
| CVE-2022-41331 | FortiPresence – Unpassworded remotely accessible Redis & MongoDB | 9.3 | Critical | FortiPresence 1.2 all versionsFortiPresence 1.1 all versionsFortiPresence 1.0 all versions | Upgrade to FortiPresence version 2.0.0 or above |
| CVE-2023-27995 | FortiSOAR – Server-side Template Injection in playbook execution | 7.2 | High | FortiSOAR version 7.3.0 through 7.3.1 | Upgrade to FortiSOAR version 7.4.0 or aboveUpgrade to FortiSOAR version 7.3.2 or above |
| CVE-2022-27485 | FortiSandbox – SQL injection in certificate downloading feature | 6.2 | Medium | At leastFortiSandbox version 4.2.0FortiSandbox version 4.0.0 through 4.0.2FortiSandbox version 3.2.0 through 3.2.3FortiSandbox version 3.0.1 through 3.0.7FortiSandbox 3.1 all versions | Upgrade to FortiSandbox version 4.2.1 or aboveUpgrade to FortiSandbox version 4.0.3 or aboveUpgrade to FortiSandbox version 3.2.4 or above |
| CVE-2022-27487 | FortiSandbox / FortiDeceptor – Improper profile-based access control over APIs | 8.3 | High | FortiDeceptor version 4.1.0FortiDeceptor version 4.0.0 through 4.0.2FortiDeceptor version 3.3.0 through 3.3.3FortiDeceptor 3.2 all versionsFortiDeceptor 3.1 all versionsFortiDeceptor 3.0 all versionsFortiDeceptor 2.1 all versionsFortiDeceptor 2.0 all versionsFortiDeceptor 1.1 all versionsFortiDeceptor 1.0 all versionsAt leastFortiSandbox version 4.2.0 through 4.2.2FortiSandbox version 4.0.0 through 4.0.2FortiSandbox version 3.2.0 through 3.2.3FortiSandbox 3.1 all versionsFortiSandbox 3.0 all versionsFortiSandbox 2.5 all versions | Upgrade to FortiDeceptor version 4.2.0 or aboveUpgrade to FortiDeceptor version 4.1.1 or aboveUpgrade to FortiDeceptor version 4.0.2 or aboveUpgrade to FortiDeceptor version 3.3.3 or aboveUpgrade to FortiSandbox version 4.2.3 or aboveUpgrade to FortiSandbox version 4.0.3 or aboveUpgrade to FortiSandbox version 3.2.4 or above |
| CVE-2022-43948 | FortiWeb & FortiADC – OS command injection in CLI | 6.5 | Medium | FortiWeb version 7.0.0 through 7.0.3FortiADC version 7.1.0 through 7.1.1FortiADC version 7.0.0 through 7.0.3FortiADC 6.2 all versionsFortiADC 6.1 all versionsFortiADC 6.0 all versionsFortiADC 5.4 all versionsFortiADC 5.3 all versionsFortiADC 5.2 all versionsFortiADC 5.1 all versions | Upgrade to FortiWeb version 7.2.0 or aboveUpgrade to FortiWeb version 7.0.4 or aboveUpgrade to FortiADC version 7.2.0 or aboveUpgrade to FortiADC version 7.1.2 or aboveUpgrade to FortiADC version 7.0.4 or above |
| CVE-2022-43955 | FortiWeb – XSS vulnerability in HTML generated attack report files | 8 | High | FortiWeb version 7.0.0 through 7.0.3FortiWeb 6.4 all versionsFortiWeb version 6.3.0 through 6.3.21FortiWeb version 6.2 all versionsFortiWeb version 6.1 all versionsFortiWeb version 6.0 all versions | Upgrade to FortiWeb version 7.2.0 or aboveUpgrade to FortiWeb version 7.0.4 or aboveUpgrade to FortiWeb version 6.3.22 or above |
This post informs you about the April 2023 Monthly PSIRT Advisory Report Fortinet released on April 11, 2023. By sharing this post, you can contribute to making the digital world a more secure place. For regular updates on topics like this, please visit our social media pages on Facebook, LinkedIn, Twitter, Telegram, Tumblr, Medium, & Instagram and subscribe to our content.
Breaking Down the Latest May 2023 Monthly PSIRT Advisory Report From Fortinet
Breaking Down the Latest February 2023 Monthly PSIRT Advisory Report From Fortinet
Breaking Down the Latest June 2023 Monthly PSIRT Advisory Report From Fortinet
Breaking Down the March 2023 Monthly PSIRT Advisory Report From Fortinet
Arun KL
Arun KL is a cybersecurity professional with 15+ years of experience in IT infrastructure, cloud security, vulnerability management, Penetration Testing, security operations, and incident response. He is adept at designing and implementing robust security solutions to safeguard systems and data. Arun holds multiple industry certifications including CCNA, CCNA Security, RHCE, CEH, and AWS Security.
- April 18, 2024
Learn Something New with Free Email subscription
Learn Something New with Free Email subscription
Subscribe
Subscribe
Subscribe
Subscribe
- April 18, 2024
