Exploitation of critical vulnerability CVE-2023-37936 could allow an unauthenticated attacker to perform RCE

Threat ID:CC-4605

Threat Severity:Medium

Published:15 January 2025 2:22 PM

Summary

Affected platforms

The following platforms are known to be affected:

Fortinet FortiSwitch

7.4.0

7.2.0 to 7.2.5

7.0.0 to 7.0.7

6.4.0 to 6.4.13

6.2.0 to 6.2.7

6.0.0 to 6.0.7

Threat details

Introduction

Fortinet has released a security advisory to address a critical vulnerability in FortiSwitch. FortiSwitch is Fortinet's scalable network switch solution that integrates with existing Fortinet infrastructure.

CVE-2023-37936 is a 'hard-coded cryptographic key' vulnerability with a CVSSv3 score of 9.6. A remote, unauthenticated attacker in possession of the cryptographic key could perform remote code execution (RCE).

Remediation advice

Affected organisations are encouraged to review the Fortinet PSIRT FG-IR-23-260 and apply the relevant updates as soon as practicable.

Definitive source of threat updates

https://fortiguard.fortinet.com/psirt/FG-IR-23-260

CVE Vulnerabilities

StatusPublished

CVE-2023-37936A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.

Last edited: 15 January 2025 2:22 pm