"Fortinet Patches Critical FortiOS Vulnerability Leading to Remote Code Execution"
Fortinet recently announced security updates that address a critical-severity vulnerability in FortiOS and FortiProxy that could be exploited for remote code execution (RCE). Tracked as CVE-2023-33308 (CVSS score of 9.8), the bug is described as a stack-based overflow issue impacting the deep inspection function in proxy mode. Fortinet noted that a stack-based overflow vulnerability in FortiOS & FortiProxy may allow a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection. The company stated that because the issue only occurs if deep inspection is enabled on proxy policies or firewall policies with proxy mode, disabling the function prevents exploitation. The vulnerability impacts FortiOS and FortiProxy versions 7.2.x and 7.0.x and was resolved in FortiOS versions 7.4.0, 7.2.4, and 7.0.11, and FortiProxy versions 7.2.3 and 7.0.10. Fortinet noted that the bug was addressed in a previous release without an advisory. Recently, Fortinet also announced patches for a medium-severity FortiOS vulnerability that could allow an attacker to reuse a deleted user’s session. Tracked as CVE-2023-28001, the flaw exists because an “existing websocket connection persists after deleting API admin.” Fortinet noted that an insufficient session expiration vulnerability in FortiOS REST API may allow an attacker to reuse the session of a deleted user, should the attacker manage to obtain the API token. The vulnerability impacts FortiOS versions 7.2.x and 7.0.x and was addressed in FortiOS version 7.4.0. Fortinet users are advised to apply the patches as soon as possible.