Fortinet Products Multiple Vulnerabilities
Release Date:
16 Nov 2023
6488
Views
RISK: Medium Risk
TYPE: Operating Systems - Networks OS
Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger data manipulation, remote code execution, sensitive information disclosure, denial of service, elevation of privilege and security restriction bypass on the targeted system.
Impact
- Security Restriction Bypass
- Information Disclosure
- Remote Code Execution
- Elevation of Privilege
- Denial of Service
- Data Manipulation
System / Technologies affected
- FGT_VM64_KVM version 7.0.1 through 7.0.13
- FGT_VM64_KVM version 7.2.0 through 7.2.6
- FGT_VM64_KVM version 7.4.0 through 7.4.1
- FortiClientWindows 6.0 all versions
- FortiClientWindows 6.2 all versions
- FortiClientWindows version 6.4.0 through 6.4.8
- FortiClientWindows version 7.0.0 through 7.0.9
- FortiClientWindows version 7.2.0 through 7.2.1
- FortiGate (Only FGT_VM64_KVM model is impacted and authentication is required)
- FortiMail 6.0 all versions
- FortiMail 6.2 all versions
- FortiMail 6.4 all versions
- FortiMail verison 7.0.0 through 7.0.6
- FortiMail version 7.2.0 through 7.2.4
- FortiMail version 7.4.0
- FortiOS version 6.0 all versions
- FortiOS version 6.2 all versions
- FortiOS version 6.4 all versions
- FortiOS version 7.0.0 through 7.0.12
- FortiOS version 7.2.0 through 7.2.5
- FortiOS version 7.4.0
- FortiProxy 1.0 all versions
- FortiProxy 1.1 all versions
- FortiProxy 1.2 all versions
- FortiProxy 2.0 all versions
- FortiProxy 7.0 all versions
- FortiProxy 7.2 all versions
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://www.fortiguard.com/psirt/FG-IR-22-299
- https://www.fortiguard.com/psirt/FG-IR-22-396
- https://www.fortiguard.com/psirt/FG-IR-23-108
- https://www.fortiguard.com/psirt/FG-IR-23-151
- https://www.fortiguard.com/psirt/FG-IR-23-203
- https://www.fortiguard.com/psirt/FG-IR-23-274
- https://www.fortiguard.com/psirt/FG-IR-23-287
- https://www.fortiguard.com/psirt/FG-IR-23-385
Vulnerability Identifier
- CVE-2022-40681
- CVE-2023-28002
- CVE-2023-33304
- CVE-2023-36633
- CVE-2023-36641
- CVE-2023-38545
- CVE-2023-38546
- CVE-2023-41840
- CVE-2023-45582
Source
Related Link
- https://www.fortiguard.com/psirt/FG-IR-22-299
- https://www.fortiguard.com/psirt/FG-IR-22-396
- https://www.fortiguard.com/psirt/FG-IR-23-108
- https://www.fortiguard.com/psirt/FG-IR-23-151
- https://www.fortiguard.com/psirt/FG-IR-23-203
- https://www.fortiguard.com/psirt/FG-IR-23-274
- https://www.fortiguard.com/psirt/FG-IR-23-287
- https://www.fortiguard.com/psirt/FG-IR-23-385
Related Tags
Share with