Skip to main content

A critical vulnerability could lead to unauthenticated arbitrary code execution

Threat ID:CC-4560
Threat Severity:Medium
Published:10 October 2024 1:19 PM

Summary

A critical vulnerability could lead to unauthenticated arbitrary code execution

Affected platforms

The following platforms are known to be affected:

Threat details

Exploitation of CVE-2024-23113

CVE-2024-23113 was added to the US Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerability Catalog based on evidence of exploitation in the wild.

SSLVPN and firewall appliances are internet-facing by design and frequent targets for cyber threat groups.


Introduction

Fortinet has released a security advisory to address a critical vulnerability in the FortiOS fgfmd daemon. 

CVE-2024-23113 is a ‘use of externally-controlled format string’ vulnerability with a CVSSv3 score of 9.8. A remote unauthenticated attacker could send specially crafted requests to execute arbitrary code (ACE) or commands. 
 

Remediation advice

Affected organisations are encouraged to review Fortinet PSIRT Advisory FG-IR-24-029 and apply security updates as soon as practicable. 

NOTE: Fortinet recommends using their Upgrade Path Tool to see the recommended upgrade path for a particular Fortinet product.

Definitive source of threat updates

CVE Vulnerabilities

StatusPublished
CVE-2024-23113A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.

Last edited: 10 October 2024 1:19 pm

Back to top