Fortinet FortiOS Security Update Advisory (CVE-2024-21762, CVE-2024-23113)

Overview

Fortinet (https://www.fortinet.com) has released updates that fix two vulnerabilities in FortiOS and in the related products FortiProxy, FortiPAM and FortiSwitchManager. Both vulnerabilities allow unauthenticated remote code execution, so users of affected versions are advised to update to a fixed version.

Affected Products

CVE-2024-21762

Exploitable only when SSL VPN is enabled; devices with SSL VPN disabled are not exposed.

  • FortiOS versions 7.4.0 through 7.4.2
  • FortiOS versions 7.2.0 through 7.2.6
  • FortiOS versions 7.0.0 through 7.0.13
  • FortiOS versions 6.4.0 through 6.4.14
  • FortiOS versions 6.2.0 through 6.2.15
  • All versions of FortiOS 6.0
  • FortiProxy versions 7.4.0 through 7.4.2
  • FortiProxy versions 7.2.0 through 7.2.8
  • FortiProxy versions 7.0.0 through 7.0.14
  • FortiProxy versions 2.0.0 through 2.0.13
  • All versions of FortiProxy 1.0, 1.1, and 1.2

CVE-2024-23113

Exploitable only when the fgfmd daemon (FortiManager connectivity) is enabled; devices with fgfmd disabled are not exposed.

  • FortiOS versions 7.4.0 through 7.4.2
  • FortiOS versions 7.2.0 through 7.2.6
  • FortiOS versions 7.0.0 through 7.0.13
  • FortiPAM version 1.2.0
  • FortiPAM versions 1.1.0 through 1.1.2
  • All versions of FortiPAM 1.0
  • FortiProxy versions 7.4.0 through 7.4.2
  • FortiProxy versions 7.2.0 through 7.2.8
  • FortiProxy versions 7.0.0 through 7.0.14
  • FortiSwitchManager versions 7.2.0 through 7.2.3
  • FortiSwitchManager versions 7.0.0 through 7.0.3

Resolved Vulnerabilities

Arbitrary code execution due to an out-of-bounds write in the FortiOS SSL VPN daemon (sslvpnd). An unauthenticated remote attacker can execute arbitrary code or commands by sending specially crafted HTTP requests to the SSL VPN service. (CVE-2024-21762)
Arbitrary code execution due to an externally controlled format string in the FortiOS fgfmd daemon (the FortiGate-to-FortiManager protocol service). An unauthenticated remote attacker can execute arbitrary code or commands via specially crafted requests to the daemon. (CVE-2024-23113)

Vulnerability Patches

Fixed versions were released on February 8, 2024. Follow the instructions on the referenced Fortinet PSIRT pages and upgrade to a fixed version.

CVE-2024-21762

If SSL VPN is enabled, upgrade to a fixed version from the table below as soon as possible. Disabling only SSL VPN web mode is not a valid workaround; the only workaround short of patching is to disable SSL VPN entirely.

Product branch      Fixed version
FortiOS 7.4         7.4.3 or later
FortiOS 7.2         7.2.7 or later
FortiOS 7.0         7.0.14 or later
FortiOS 6.4         6.4.15 or later
FortiOS 6.2         6.2.16 or later
FortiOS 6.0         No fix for this branch; migrate to a fixed release
FortiProxy 7.4      7.4.3 or later
FortiProxy 7.2      7.2.9 or later
FortiProxy 7.0      7.0.15 or later
FortiProxy 2.0      2.0.14 or later
FortiProxy 1.2      No fix for this branch; migrate to a fixed release
FortiProxy 1.1      No fix for this branch; migrate to a fixed release
FortiProxy 1.0      No fix for this branch; migrate to a fixed release

CVE-2024-23113

If the fgfmd daemon is enabled on any of the products below (that is, the device is managed by FortiManager), upgrade to a fixed version from the table below. FortiOS 6.x is not affected by this vulnerability and needs no action for it.

Product branch          Fixed version
FortiOS 7.4             7.4.3 or later
FortiOS 7.2             7.2.7 or later
FortiOS 7.0             7.0.14 or later
FortiPAM 1.2            1.2.1 or later
FortiPAM 1.1            1.1.3 or later
FortiPAM 1.0            No fix for this branch; migrate to a fixed release
FortiProxy 7.4          7.4.3 or later
FortiProxy 7.2          7.2.9 or later
FortiProxy 7.0          7.0.16 or later
FortiSwitchManager 7.2  7.2.4 or later
FortiSwitchManager 7.0  7.0.4 or later
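The two patch tables above reduce to a version-range check per product branch, and it is easy to get wrong by hand: FortiProxy 7.0.15, for example, carries the fix for CVE-2024-21762 but not for CVE-2024-23113, and a device with SSL VPN or fgfmd disabled is not reachable today but still needs the patch. The script below is an added example, not Fortinet tooling. It encodes the fixed versions from both tables and classifies a product/version pair as fixed, vulnerable, or latent. The product strings, the feature flags "sslvpn" and "fgfm", the function names, and the inventory at the bottom are this example's own constructed names, not Fortinet CLI output.

```python
"""Offline version check against this advisory's two patch tables.

Added example, not Fortinet tooling. Fixed versions are transcribed from the
tables above; product strings, the flags "sslvpn"/"fgfm" and all names here
are this example's own. Anything below a branch's first fixed release is
treated as affected (the conservative reading of "X or later").
"""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Fix:
    product: str
    cve: str
    branch: str            # release train, "major.minor"
    fixed: Optional[str]   # first fixed release; None = no fix on this branch


FIXES = [
    # CVE-2024-21762: out-of-bounds write in sslvpnd
    Fix("FortiOS", "CVE-2024-21762", "7.4", "7.4.3"),
    Fix("FortiOS", "CVE-2024-21762", "7.2", "7.2.7"),
    Fix("FortiOS", "CVE-2024-21762", "7.0", "7.0.14"),
    Fix("FortiOS", "CVE-2024-21762", "6.4", "6.4.15"),
    Fix("FortiOS", "CVE-2024-21762", "6.2", "6.2.16"),
    Fix("FortiOS", "CVE-2024-21762", "6.0", None),
    Fix("FortiProxy", "CVE-2024-21762", "7.4", "7.4.3"),
    Fix("FortiProxy", "CVE-2024-21762", "7.2", "7.2.9"),
    Fix("FortiProxy", "CVE-2024-21762", "7.0", "7.0.15"),
    Fix("FortiProxy", "CVE-2024-21762", "2.0", "2.0.14"),
    Fix("FortiProxy", "CVE-2024-21762", "1.2", None),
    Fix("FortiProxy", "CVE-2024-21762", "1.1", None),
    Fix("FortiProxy", "CVE-2024-21762", "1.0", None),
    # CVE-2024-23113: format string in fgfmd (FortiOS 6.x is not affected)
    Fix("FortiOS", "CVE-2024-23113", "7.4", "7.4.3"),
    Fix("FortiOS", "CVE-2024-23113", "7.2", "7.2.7"),
    Fix("FortiOS", "CVE-2024-23113", "7.0", "7.0.14"),
    Fix("FortiPAM", "CVE-2024-23113", "1.2", "1.2.1"),
    Fix("FortiPAM", "CVE-2024-23113", "1.1", "1.1.3"),
    Fix("FortiPAM", "CVE-2024-23113", "1.0", None),
    Fix("FortiProxy", "CVE-2024-23113", "7.4", "7.4.3"),
    Fix("FortiProxy", "CVE-2024-23113", "7.2", "7.2.9"),
    Fix("FortiProxy", "CVE-2024-23113", "7.0", "7.0.16"),
    Fix("FortiSwitchManager", "CVE-2024-23113", "7.2", "7.2.4"),
    Fix("FortiSwitchManager", "CVE-2024-23113", "7.0", "7.0.4"),
]

# Feature that must be enabled for the CVE to be reachable, per the advisory.
PRECONDITION = {
    "CVE-2024-21762": "sslvpn",  # SSL VPN enabled; web mode off alone is no mitigation
    "CVE-2024-23113": "fgfm",    # fgfmd (FortiManager connectivity) enabled
}


def parse_version(text: str) -> tuple[int, int, int]:
    """'v7.0.13' -> (7, 0, 13); rejects anything that is not major.minor.patch."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.patch, got {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def assess(product: str, version: str, enabled: set[str]) -> list[tuple[str, str, str]]:
    """Return (cve, status, action) for each advisory entry covering this
    product's release train. status: 'fixed'; 'vulnerable' (below the fix and
    the precondition feature is enabled); 'latent' (below the fix, feature off:
    not reachable now, still needs the patch). Empty list = branch not listed."""
    ver = parse_version(version)
    findings = []
    for fix in FIXES:
        if fix.product != product or parse_version(fix.branch + ".0")[:2] != ver[:2]:
            continue
        if fix.fixed is not None and ver >= parse_version(fix.fixed):
            findings.append((fix.cve, "fixed", "none"))
            continue
        status = "vulnerable" if PRECONDITION[fix.cve] in enabled else "latent"
        action = (f"upgrade to {fix.fixed} or later" if fix.fixed
                  else "no fix for this branch; migrate to a fixed release")
        findings.append((fix.cve, status, action))
    return findings


if __name__ == "__main__":
    # Constructed inventory for demonstration only; not real devices.
    inventory = [
        ("fw-edge-01", "FortiOS", "7.0.13", {"sslvpn", "fgfm"}),
        ("fw-lab-02", "FortiOS", "6.4.14", set()),
        ("proxy-01", "FortiProxy", "7.0.15", {"sslvpn", "fgfm"}),
        ("swm-01", "FortiSwitchManager", "7.2.3", {"fgfm"}),
    ]
    for name, product, version, enabled in inventory:
        findings = assess(product, version, enabled)
        if not findings:
            print(f"{name:12} {product:18} {version:8} not listed in this advisory")
        for cve, status, action in findings:
            print(f"{name:12} {product:18} {version:8} {cve:15} {status:10} {action}")
```

Replace the constructed inventory with your own export to run it against real devices. An empty result means the advisory does not list that product/branch for either CVE, not that the device is free of other issues. The 'latent' status is deliberate: a device with SSL VPN or fgfmd disabled is not reachable today, but a later configuration change exposes it, so it stays on the patch list.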

 

Referenced Sites

[1] NVD: CVE-2024-21762 Detail
    https://nvd.nist.gov/vuln/detail/CVE-2024-21762
[2] MITRE: CVE-2024-23113 Detail
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-23113
[3] Fortinet PSIRT FG-IR-24-015: FortiOS – Out-of-bound Write in sslvpnd
    https://www.fortiguard.com/psirt/FG-IR-24-015
[4] Fortinet PSIRT FG-IR-24-029: FortiOS – Format String Bug in fgfmd
    https://www.fortiguard.com/psirt/FG-IR-24-029