Fortinet Products Multiple Vulnerabilities

Release Date: 16 Nov 2023 6316 Views

RISK: Medium Risk

TYPE: Operating Systems - Networks OS

Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, remote code execution, sensitive information disclosure, denial of service, elevation of privilege and security restriction bypass on the targeted system.

Impact

Security Restriction Bypass
Information Disclosure
Remote Code Execution
Elevation of Privilege
Denial of Service
Data Manipulation

System / Technologies affected

FGT_VM64_KVM version 7.0.1 through 7.0.13
FGT_VM64_KVM version 7.2.0 through 7.2.6
FGT_VM64_KVM version 7.4.0 through 7.4.1
FortiClientWindows 6.0 all versions
FortiClientWindows 6.2 all versions
FortiClientWindows version 6.4.0 through 6.4.8
FortiClientWindows version 7.0.0 through 7.0.9
FortiClientWindows version 7.2.0 through 7.2.1
FortiGate (Only FGT_VM64_KVM model is impacted and authentication is required)
FortiMail 6.0 all versions
FortiMail 6.2 all versions
FortiMail 6.4 all versions
FortiMail verison 7.0.0 through 7.0.6
FortiMail version 7.2.0 through 7.2.4
FortiMail version 7.4.0
FortiOS version 6.0 all versions
FortiOS version 6.2 all versions
FortiOS version 6.4 all versions
FortiOS version 7.0.0 through 7.0.12
FortiOS version 7.2.0 through 7.2.5
FortiOS version 7.4.0
FortiProxy 1.0 all versions
FortiProxy 1.1 all versions
FortiProxy 1.2 all versions
FortiProxy 2.0 all versions
FortiProxy 7.0 all versions
FortiProxy 7.2 all versions

Solutions

Before installation of the software, please visit the vendor web-site for more details.

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Fortinet