Fortinet Patches Critical FortiClientLinux Vulnerability
3 min. read
11/04/2024
By Laura Libeer
TL;DR | Go Straight to the FortiClient Version Audit Report
Fortinet has released security patches in response to a critical vulnerability in FortiClientLinux. When successfully exploited, the issue could lead to arbitrary code execution, which can in turn compromise the integrity of sensitive data and systems. You can check the version of every FortiClient installation in your network using the version audit report, to make sure they are all on a fixed version.
FortiClient Linux Vulnerability CVE-2023-45590
The vulnerability tracked as CVE-2023-45590 is described in Fortinet’s advisory as “An Improper Control of Generation of Code (‘Code Injection’) vulnerability” in FortiClientLinux. It received a critical CVSS score of 9.4 and could allow an unauthenticated attacker to execute arbitrary code by tricking a FortiClientLinux user into visiting a malicious website. Arbitrary code execution can compromise the integrity of sensitive data and systems.
Fortinet also released patches for two more high-severity issues:
- CVE-2023-45588 and CVE-2024-31492: An external control of file name or path vulnerability in FortiClientMac’s installer. This could allow a local attacker to execute arbitrary code or commands.
- CVE-2023-41677: An insufficiently protected credentials vulnerability in FortiOS and FortiProxy. This issue could allow an attacker to obtain the administrator cookie in rare and specific conditions.
Update Vulnerable Fortinet Installations
Each of these vulnerabilities affects a different range of Fortinet products. Users are advised to update vulnerable instances of FortiClientLinux, FortiClientMac, FortiOS, and FortiProxy to the latest version as found in the table below. Make sure to update any affected devices as soon as possible.
CVE-2023-45590: FortiClientLinux
| Product and Version | Affected Version | Solution |
| --- | --- | --- |
| FortiClientLinux 7.2 | 7.2.0 | Upgrade to 7.2.1 or above |
| FortiClientLinux 7.0 | 7.0.6 through 7.0.10 | Upgrade to 7.0.11 or above |
| FortiClientLinux 7.0 | 7.0.3 through 7.0.4 | Upgrade to 7.0.11 or above |
CVE-2023-45588 and CVE-2024-31492: FortiClientMac
| Product and Version | Affected Version | Solution |
| --- | --- | --- |
| FortiClientMac 7.2 | 7.2.0 through 7.2.3 | Upgrade to 7.2.4 or above |
| FortiClientMac 7.0 | 7.0.6 through 7.0.10 | Upgrade to 7.0.11 or above |
CVE-2023-41677: FortiOS and FortiProxy
| Product and Version | Affected Version | Solution |
| --- | --- | --- |
| FortiOS 7.4 | 7.4.0 through 7.4.1 | Upgrade to 7.4.2 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above |
| FortiOS 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiOS 6.2 | 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
| FortiOS 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiProxy 7.4 | 7.4.0 through 7.4.1 | Upgrade to 7.4.2 or above |
| FortiProxy 7.2 | 7.2.0 through 7.2.7 | Upgrade to 7.2.8 or above |
| FortiProxy 7.0 | 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
| FortiProxy 2.0 | 2.0 all versions | Migrate to a fixed release |
| FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
Discover Vulnerable Fortinet Installs
Our team has added two new reports to Lansweeper to help you locate vulnerable Fortinet products, one for FortiClient and one for Fortinet firmware. These give you a list of Fortinet product instances and their versions, so you can more easily check whether they are all up to date. You can get the reports via the links below.
Run the FortiClient Version Audit
Run the Fortinet Firmware Version Audit
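If you export the version list from those reports (or any other inventory), the following added example, which is not Lansweeper's report nor Fortinet's code, encodes the affected ranges from the tables above and flags each host that still needs an upgrade. It compares versions as integer tuples so that 7.0.10 sorts after 7.0.9, and it handles the "all versions" rows, which have no fixed build in their branch. The inventory rows and hostnames are constructed sample data.

```python
# Added example: audit inventoried Fortinet versions against the advisory's affected ranges.
# Ranges are (first affected, last affected, fixed build); last=None means the whole
# branch is affected and has no fixed build ("Migrate to a fixed release").
AFFECTED = {
    "FortiClientLinux": [("7.2.0", "7.2.0", "7.2.1"), ("7.0.6", "7.0.10", "7.0.11"),
                         ("7.0.3", "7.0.4", "7.0.11")],
    "FortiClientMac": [("7.2.0", "7.2.3", "7.2.4"), ("7.0.6", "7.0.10", "7.0.11")],
    "FortiOS": [("7.4.0", "7.4.1", "7.4.2"), ("7.2.0", "7.2.6", "7.2.7"),
                ("7.0.0", "7.0.12", "7.0.13"), ("6.4.0", "6.4.14", "6.4.15"),
                ("6.2.0", "6.2.15", "6.2.16"), ("6.0", None, None)],
    "FortiProxy": [("7.4.0", "7.4.1", "7.4.2"), ("7.2.0", "7.2.7", "7.2.8"),
                   ("7.0.0", "7.0.13", "7.0.14"), ("2.0", None, None),
                   ("1.2", None, None), ("1.1", None, None), ("1.0", None, None)],
}
CVE = {"FortiClientLinux": "CVE-2023-45590",
       "FortiClientMac": "CVE-2023-45588, CVE-2024-31492",
       "FortiOS": "CVE-2023-41677", "FortiProxy": "CVE-2023-41677"}

def ver(s):
    """Parse '7.0.10' into a tuple of ints so comparisons are numeric, not lexical."""
    return tuple(int(p) for p in s.split("."))

def check(product, version):
    """Return (cve, action) if this version falls in an affected range, else None."""
    v = ver(version)
    for first, last, fixed in AFFECTED.get(product, []):   # unknown product -> None
        if last is None:                                    # "6.0 all versions" style row
            if v[:len(ver(first))] == ver(first):
                return CVE[product], "Migrate to a fixed release"
        elif ver(first) <= v <= ver(last):
            return CVE[product], f"Upgrade to {fixed} or above"
    return None

# Constructed sample inventory (host, product, version); these are not real assets.
INVENTORY = [("lnx-01", "FortiClientLinux", "7.0.8"),
             ("lnx-02", "FortiClientLinux", "7.0.11"),
             ("mac-01", "FortiClientMac", "7.2.3"),
             ("fw-01", "FortiOS", "6.0.15"),
             ("px-01", "FortiProxy", "7.2.8")]

def audit(inventory):
    """Return (host, product, version, cve, action) for every affected host only."""
    return [(h, p, v, *hit) for h, p, v in inventory if (hit := check(p, v))]
```

Running `audit(INVENTORY)` returns three findings (lnx-01, mac-01 and fw-01); the hosts already on 7.0.11 and 7.2.8 are not reported.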