Fortinet secures FortiOS, FortiAnalyzer and FortiClient

Security vulnerabilities in FortiClient for Windows, FortiAnalyzer and FortiOS make the systems susceptible to attacks. Updates are available.

Stylized graphic: Burning appliances in the network

(Image: created with AI in Bing Designer by heise online / dmk)


Fortinet has released updates that close high-risk vulnerabilities in FortiOS, FortiAnalyzer and FortiClient. Attackers can abuse the vulnerabilities to escalate their privileges, perform unauthorized sensitive actions on affected devices or gain unauthorized access to networks.

FortiClient for Windows lets attackers escalate their privileges on the system by way of Lua auto-patch scripts, Fortinet writes (CVE-2024-36513, CVSS 7.4, risk "high"). In a second advisory, Fortinet's developers state that low-privileged attackers can execute arbitrary code with higher privileges in FortiClient for Windows by sending forged named-pipe messages (CVE-2024-47574, CVSS 7.4, high). FortiClient for Windows 7.0.13, 7.2.5 and 7.4.1 close the gaps; the Lua flaw does not affect the 7.4 branch. Anyone still running FortiClient 6.4 should upgrade to one of these versions.

In FortiAnalyzer and FortiManager, users with read-only access can trigger some sensitive actions, the developers write in a security advisory. The attacker has to be logged in to do so, but the manufacturer does not specify which operations can then be carried out without authorization (CVE-2024-23666, CVSS 7.1, high). The flaw is fixed in FortiAnalyzer and FortiManager 7.4.3, 7.2.6, 7.0.13 and 6.4.15 as well as FortiAnalyzer-BigData 7.4.1 and 7.2.7; installations on the 7.0, 6.4 and 6.2 branches for which no fixed release is listed should migrate to one of these supported versions or newer.


Fortinet also warns that attackers can take over SSL VPN sessions in FortiOS without prior authentication by phishing users with crafted SAML authentication links (CVE-2023-50176, CVSS 7.1, high). FortiOS 7.4.4, 7.2.8 and 7.0.14 or newer correct the underlying flaw.
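The practical task behind the three advisories above (FortiClient, FortiAnalyzer/FortiManager, FortiOS) is the same: compare every installed version with the first fixed release of its branch. The following Python script is an added example, not Fortinet's code and not part of the original article. It encodes the fixed releases named in the text and triages a constructed inventory against them. Hostnames and the inventory are made up; the "v7.2.7,build1577" version form is what FortiOS prints in `get system status`, while the bare "7.0.12" form is an assumption for the other products. Branches the article does not mention are reported as "unknown" rather than guessed; FortiClient 6.4 and the 7.4 branch's immunity to the Lua flaw are encoded because the article states them.

```python
"""Triage a Fortinet device inventory against the fixed releases named in
the advisories summarized in the article (added example, not Fortinet code)."""
import re

MIGRATE = "migrate"            # branch is affected and gets no fix: move to a fixed branch
NOT_AFFECTED = "not affected"  # branch is explicitly not affected

# (product, CVE, CVSS, {version branch: first fixed release | MIGRATE | NOT_AFFECTED})
# Values come from the article; branches a CVE's map does not list are reported
# as "unknown" rather than guessed.
ADVISORIES = [
    ("FortiClient Windows", "CVE-2024-36513", 7.4,
     {"6.4": MIGRATE, "7.0": "7.0.13", "7.2": "7.2.5", "7.4": NOT_AFFECTED}),
    ("FortiClient Windows", "CVE-2024-47574", 7.4,
     {"6.4": MIGRATE, "7.0": "7.0.13", "7.2": "7.2.5", "7.4": "7.4.1"}),
    ("FortiAnalyzer", "CVE-2024-23666", 7.1,
     {"6.4": "6.4.15", "7.0": "7.0.13", "7.2": "7.2.6", "7.4": "7.4.3"}),
    ("FortiManager", "CVE-2024-23666", 7.1,
     {"6.4": "6.4.15", "7.0": "7.0.13", "7.2": "7.2.6", "7.4": "7.4.3"}),
    ("FortiAnalyzer-BigData", "CVE-2024-23666", 7.1,
     {"7.2": "7.2.7", "7.4": "7.4.1"}),
    ("FortiOS", "CVE-2023-50176", 7.1,
     {"7.0": "7.0.14", "7.2": "7.2.8", "7.4": "7.4.4"}),
]

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Extract (major, minor, patch) as integers.

    Accepts bare "7.2.7" as well as the "v7.2.7,build1577" form FortiOS prints
    in `get system status`. Integer tuples compare correctly (7.4.10 > 7.4.4),
    which a plain string comparison would get wrong.
    """
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def branch_of(version):
    """Map (7, 2, 7) to the "7.2" branch the advisories are keyed by."""
    return f"{version[0]}.{version[1]}"


def assess(product, version_text):
    """Return [(cve, status, fixed_in)] for one installed version.

    status is "fixed", "vulnerable", "not affected" or "unknown" (branch not
    covered by the summarized advisory: check the vendor PSIRT page).
    """
    version = parse_version(version_text)
    findings = []
    for prod, cve, _cvss, fixes in ADVISORIES:
        if prod != product:
            continue
        entry = fixes.get(branch_of(version))
        if entry is None:
            findings.append((cve, "unknown", None))
        elif entry == NOT_AFFECTED:
            findings.append((cve, "not affected", None))
        elif entry == MIGRATE:
            findings.append((cve, "vulnerable", None))
        elif version >= parse_version(entry):
            findings.append((cve, "fixed", entry))
        else:
            findings.append((cve, "vulnerable", entry))
    return findings


def triage(inventory):
    """Flag every (host, product, version) that is vulnerable or unknown."""
    flagged = []
    for host, product, version_text in inventory:
        for cve, status, fixed_in in assess(product, version_text):
            if status in ("vulnerable", "unknown"):
                flagged.append((host, product, version_text, cve, status, fixed_in))
    return sorted(flagged)


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = [
    ("vpn-gw-01", "FortiOS", "v7.2.7,build1577"),
    ("vpn-gw-02", "FortiOS", "7.4.4"),
    ("faz-01", "FortiAnalyzer", "7.0.12"),
    ("fmg-01", "FortiManager", "7.6.0"),
    ("ws-1234", "FortiClient Windows", "7.4.0"),
    ("ws-0099", "FortiClient Windows", "6.4.10"),
]

if __name__ == "__main__":
    for host, product, version, cve, status, fixed_in in triage(SAMPLE_INVENTORY):
        action = f"update to {fixed_in}" if fixed_in else "no fix in this branch / verify with vendor"
        print(f"{host:<10} {product:<22} {version:<18} {cve}  {status:<10} {action}")
```

The script deliberately keeps three outcomes apart that a quick grep over version strings blurs: a branch that has a fix but has not received it yet ("update to x.y.z"), a branch that gets no fix at all and must be migrated, and a branch the advisory simply does not mention, which is a prompt to read the vendor's PSIRT entry rather than a clean bill of health.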

Fortinet vulnerabilities are frequently exploited by cybercriminals. Administrators running vulnerable Fortinet instances should therefore apply the available updates promptly.

At the end of October, Fortinet patched a vulnerability that was already under active attack. Missing authentication in FortiManager's fgfmd daemon allowed attackers to register rogue appliances and ultimately execute malicious code, gaining far-reaching access to networks.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.