Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code Remotely
Fortinet, a leading cybersecurity solutions provider, has issued urgent advisories regarding two critical vulnerabilities affecting its FortiWLM and FortiManager products.
These flaws could enable attackers to execute unauthorized code or commands remotely, posing significant risks to enterprise networks.
FortiWLM Vulnerability (CVE-2023-34990):
A critical security flaw, identified as CVE-2023-34990, has been discovered in Fortinet’s FortiWLM, a wireless LAN management solution.
With a CVSS score of 9.6, this vulnerability stems from a relative path traversal issue (CWE-23) that allows unauthenticated attackers to read sensitive files. The affected versions include:
- FortiWLM 8.6: 8.6.0 through 8.6.5
- FortiWLM 8.5: 8.5.0 through 8.5.4
Fortinet has released updates to address this issue, urging users to upgrade to FortiWLM 8.6.6 or above for version 8.6 and 8.5.5 or above for version 8.5.
Security researcher Zach Hanley of Horizon3.ai identified that the vulnerability stems from improper validation of the imagename parameter in the /ems/cgi-bin/ezrf_lighttpd.cgi endpoint.
This flaw enables attackers to construct requests with path traversal sequences to access files outside the intended directory
FortiManager Vulnerability (CVE-2024-48889):
Another critical vulnerability, tracked as CVE-2024-48889, affects Fortinet’s FortiManager, a centralized security management platform.
This flaw, with a CVSS score of 7.2, arises from improper neutralization of special elements in OS commands (CWE-78), potentially allowing authenticated attackers to execute arbitrary code remotely. The affected versions include:
- FortiManager 7.6: 7.6.0
- FortiManager 7.4: 7.4.0 through 7.4.4
- FortiManager 7.4 Cloud: 7.4.1 through 7.4.4
- FortiManager 7.2: 7.2.3 through 7.2.7
- FortiManager 7.2 Cloud: 7.2.1 through 7.2.7
- FortiManager 7.0: 7.0.5 through 7.0.12
- FortiManager 7.0 Cloud: 7.0.1 through 7.0.12
- FortiManager 6.4: 6.4.10 through 6.4.14
Additionally, older FortiAnalyzer models with the `fmg-status` feature enabled are also impacted. Fortinet has provided updates for these versions, recommending users upgrade to the latest versions to mitigate the risk.
Organizations and individuals relying on Fortinet products are strongly advised to apply the necessary updates immediately to protect their systems and data from potential attacks.
Fortinet’s advisories provide detailed information on affected versions, remediation steps, and workarounds. Users should consult these resources and take appropriate action to secure their environments.
The discovery of these critical vulnerabilities underscores the importance of timely patching and vigilant cybersecurity practices.
Fortinet’s proactive approach to addressing these issues highlights the ongoing battle against cyber threats and the need for continuous security updates in enterprise environments.