Patchday Fortinet: FortiADC vulnerable to espionage attacks
Attackers can target several Fortinet products and gain access to sensitive data, among other things.
Security updates close several gaps in FortiADC, FortiAIOps, FortiExtender, FortiOS and FortiWeb. Admins who use Fortinet appliances or software in companies should update their systems promptly. There are currently no reports of ongoing attacks.
The most dangerous security vulnerabilities
Because FortiADC does not sufficiently check certificates, attackers can connect to connections as a man-in-the-middle and record data (CVE-2024-50178 "high"). This affects the connection to the FortiToken Cloud, for example, the developers explain in a post. FortiADC 7.2.4 and 7.4.1 are equipped against this.
Due to a vulnerability (CVE-2024-23663 "high") in the access control of FortiExtender, an authenticated attacker can gain access via a prepared HTTP request and create user accounts. As can be seen from a warning message, versions 7.0.5, 7.2.5 and 7.4.3 are equipped against this.
FortiAIOps is vulnerable to several attacks (CVE-2024-27782 "high", CVE-2024-27783 "high", CVE-2024-27784 "high"). Attackers can gain access to sensitive information at these points, among other things.
Secure systems
The majority of the remaining vulnerabilities have a "medium" threat level. Here, attackers can use an XSS attack under FortiOS to trick victims into connecting to a malicious Samba server. Write access to FortiADC is conceivable via manipulated HTTP or HTTPS requests.
Fortinet provides further information on the vulnerabilities and security updates in the security section of its website.
(des)