Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

Fortinet Patches Critical RCE Vulnerability in FortiClientLinux

April 10, 2024 at 08:30AM

Fortinet announced patches for critical vulnerabilities in FortiOS and other products, including a code injection bug in FortiClientLinux (CVE-2023-45590). Several high-severity vulnerabilities were also addressed in FortiOS, FortiProxy, FortiClientMac, and FortiSandbox. Users are advised to update their Fortinet appliances promptly to prevent potential cyber threats. CISA warns of the vulnerabilities’ exploitation.

Based on the meeting notes, the key takeaways are as follows:

1. Fortinet announced patches for a critical-severity remote code execution (RCE) vulnerability in FortiClientLinux, identified as CVE-2023-45590, with a CVSS score of 9.4. The vulnerability affects multiple versions of FortiClientLinux and can be exploited by an unauthenticated, remote attacker to execute arbitrary code or commands by convincing a user to visit a malicious website.

2. The company also released patches for several high-severity vulnerabilities in FortiOS, FortiProxy, FortiClientMac, and FortiSandbox. These vulnerabilities include issues in credential protection, arbitrary code execution, and arbitrary file deletion or execution.

3. Fortinet advises users to update their appliances promptly, as there has been no indication of exploitation in attacks so far. However, the US cybersecurity agency CISA has warned that cyber threat actors could potentially exploit these vulnerabilities to take control of affected systems.

This information should be disseminated to relevant teams for immediate action to update affected Fortinet appliances to mitigate the risk of potential exploitation by cyber threat actors.

Full Article