Fortinet has released updates to fix a critical security flaw in its FortiNAC network access control solution that could allow arbitrary code to be executed.
Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object deserialization.
In a recent advisory, Fortinet stated, “A deserialization of untrusted data vulnerability [CWE-502] in FortiNAC may allow an unauthenticated user to execute unauthorized code or commands via specifically crafted requests to the tcp/1050 service.”
The following products are affected by the flaw, which can be patched with FortiNAC versions 7.2.2, 9.1.10, 9.2.8, and 9.4.3 or later:
- FortiNAC version 9.4.0 through 9.4.2
- FortiNAC version 9.2.0 through 9.2.7
- FortiNAC version 9.1.0 through 9.1.9
- FortiNAC version 7.2.0 through 7.2.1
- FortiNAC 8.8 all versions
- FortiNAC 8.7 all versions
- FortiNAC 8.6 all versions
- FortiNAC 8.5 all versions, and
- FortiNAC 8.3 all versions
Also addressed is a medium-severity vulnerability, tracked as CVE-2023-33300 (CVSS score: 4.8), an improper access control issue that affects FortiNAC versions 9.4.0 through 9.4.3 and 7.2.0 through 7.2.1. It has been fixed in FortiNAC versions 7.2.2 and 9.4.4.
Florian Hauser of the German cybersecurity firm CODE WHITE has been credited with discovering and reporting the two bugs.
The alert comes in the wake of the active exploitation of another critical FortiOS and FortiProxy vulnerability (CVE-2023-27997, CVSS score: 9.2) that could allow a remote attacker to execute arbitrary code or commands via specially crafted requests.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to the Known Exploited Vulnerabilities (KEV) catalog after Fortinet acknowledged that it may have been exploited in limited attacks against the government, manufacturing, and critical infrastructure sectors earlier this month.
It also comes after Fortinet fixed a critical bug in FortiNAC (CVE-2022-39952, CVSS score: 9.8) that could lead to arbitrary code execution. That flaw has since come under active exploitation, shortly after a proof-of-concept (PoC) exploit was made available.
In a related development, Grafana has released patches for a critical security vulnerability (CVE-2023-3128) that could allow malicious actors to bypass authentication and take over any account that uses Azure Active Directory for authentication.
“The attacker can gain complete control of a user’s account, including access to private customer data and sensitive information,” Grafana stated, if the vulnerability is exploited.