Cybersecurity specialists report the detection of three vulnerabilities in Fortinet products, one of them considered critical. According to the report, the successful operation of the flaws will allow the deployment of severe risk scenarios.

Below are brief descriptions of the reported flaws, in addition to their respective tracking keys and scores assigned under the Common Vulnerability Scoring System (CVSS).

CVE-2021-26109: An integer overflow in the FortiGate FortiOS SSL VPN interface would allow unauthenticated threat actors to send specially crafted HTTP requests in order to execute arbitrary code on the affected system.

This is a critical flaw and received a CVSS score of 8.5/10 as its successful exploitation would allow full compromise of the exposed systems.

The flaw lies in the following versions of FortiOS: 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5 and 7.0.0.

CVE-2021-26110: Incorrect access restrictions in the FortiOS and FortiProxy daemon autod would allow local users to evade security restrictions on affected systems and perform privilege escalation on systems at the uper_admin level.

The vulnerability received a CVSS score of 7.7/10 and is considered to be of low severity. This flaw resides in the following implementations and versions:

FortiOS: 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 5.6.12, 5.6.13, 5.6.14, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6 and 7.0.0.

FortiProxy: 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 2.0.0 and 2.0.1.

CVE-2021-26103: Insufficient validation of the HTTP request source on the Ssl VPN interface of FortiOS and FortiProxy would allow remote threat actors to redirect a target user to a malicious website to perform arbitrary actions on the affected system.

The flaw received a CVSS score of 5.3/10 and resides in the following implementations:

FortiOS: 5.6.0, 5.6.1, 5.6.2, 5.6.3, 5.6.4, 5.6.5, 5.6.6, 5.6.7, 5.6.8, 5.6.9, 5.6.10, 5.6.11, 5.6.12, 5.6.13, 5.6.14, 6.0.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, 6.0.5, 6.0.6, 6.0.7, 6.0.8, 6.0.9, 6.0.10, 6.0.11, 6.0.12, 6.0.13, 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.2.6, 6.2.7, 6.2.8, 6.2.9, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6 and 7.0.0.

FortiProxy: 1.2.0, 1.2.1, 1.2.2, 1.2.3, 1.2.4, 1.2.5, 1.2.6, 1.2.7, 1.2.8, 1.2.9, 1.2.10, 1.2.11, 2.0.0, 2.0.1, 2.0.2 and 2.0.3.

Although no active exploitation attempts have been detected, we must remember that these flaws can be exploited by remote threat actors, so it is best to install the available updates as soon as possible.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post RCE, CSRF and other critical vulnerabilities in FortiOS and FortiProxy affect various Fortinet products appeared first on Information Security Newspaper | Hacking News.

source

You May Also Like

Microsoft Azure cloud exposed customers’ confidential source code since 2017

A few weeks ago Microsoft contacted a small group of Azure customers…

25 vulnerabilities in F5 firewall and other products: Patch immediately

On Wednesday, specialists from the technology firm F5 Networks published a detailed…