FortiOS and FortiProxy Remote Code Execution Vulnerability (CVE-2023-25610)
Dark Lab on Mar 14 2023
FortiOS / FortiProxy - Heap buffer underflow in administrative interface
The vendor has released patches to remediate the vulnerability. Alternatively, the vendor also provided a set of temporary workarounds for FortiOS only:
Workaround for FortiOS:
Workaround 1: Disable the HTTP/HTTPS administrative interface
Workaround 2: Harden access control to the administrative interface
a) Limit the IP addresses that can access the administrative interface
b) Create an Address Group
c) Create a Local-in Policy to restrict access only to the predefined group on the management interface
d) [Optional] If using non-default ports, create an appropriate service object for GUI administrative access
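The steps above expressed as FortiOS CLI configuration, as an added illustration rather than the vendor's own text. It assumes the management interface is "port1", the trusted administrator subnet is 192.0.2.0/24 (a constructed sample range) and the GUI listens on the default HTTPS port; the optional custom service shows the non-default-port case with 8443 as a placeholder.

```fortios
# Workaround 1 alternative: drop http/https from the interface, keep ping and ssh.
# (allowaccess replaces the whole list, so list every protocol you still want.)
config system interface
    edit "port1"
        set allowaccess ping ssh
    next
end

# Workaround 2, step a/b: address object and group for the trusted admin subnet
config firewall address
    edit "admin_net"
        set subnet 192.0.2.0 255.255.255.0
    next
end
config firewall addrgrp
    edit "mgmt_allowed"
        set member "admin_net"
    next
end

# Workaround 2, step d (optional): service object for a non-default GUI port
config firewall service custom
    edit "GUI_8443"
        set tcp-portrange 8443
    next
end

# Workaround 2, step c: local-in policies on the management interface.
# Local-in policies end in an implicit allow, so an explicit deny for
# everything else must follow the allow rule.
config firewall local-in-policy
    edit 1
        set intf "port1"
        set srcaddr "mgmt_allowed"
        set dstaddr "all"
        set service "HTTPS"
        set schedule "always"
        set action accept
    next
    edit 2
        set intf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set service "HTTPS"
        set schedule "always"
        set action deny
    next
end
```

If the GUI runs on a non-default port, reference the custom service object (here "GUI_8443") instead of "HTTPS" in both local-in policies, and confirm from a host outside the trusted subnet that the login page is no longer reachable.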
We advise you to refer to the vendor advisory for a more detailed set of instructions for implementing Workaround 2: https://www.fortiguard.com/psirt/FG-IR-23-001