![]() ![]() ![]() FortiProxy version 2.0.0 through 2.0.11.The following versions of FortiOS and FortiProxy are impacted by the vulnerability – However, considering the history of previous software vulnerabilities being used in the wild, users must act swiftly in installing the patches. ![]() When the reserved space is larger than the input data, it leads to underflow bugs or buffer underruns, resulting in unpredictable behavior or the inadvertent disclosure of sensitive data from memory.Īdditional potential outcomes involve memory corruption that could be exploited to cause a crash or perform unauthorized code execution.Īccording to Fortinet, no reported instances of the vulnerability being maliciously exploited exist. The vulnerability, named CVE-2023-25610, has been assigned a severity rating of 9.3 out of 10 and was discovered and reported by Fortinet’s security teams.įortinet’s advisory stated that the vulnerability is a buffer underwrite issue in the administrative interface of FortiOS and FortiProxy, which could enable an unauthenticated, remote attacker to execute arbitrary code on the device and perform a DoS on the GUI by using specifically crafted requests. Fortinet has released updates to address 15 security flaws, one of which is a critical vulnerability that affects FortiOS and FortiProxy, allowing a threat actor to gain control of impacted systems. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |