Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution.
Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.
“An Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website,” Fortinet said in an advisory.
The shortcoming, which has been described as a case of remote code execution due to a “dangerous nodejs configuration,” impacts the following versions –
- FortiClientLinux versions 7.0.3 through 7.0.4 and 7.0.6 through 7.0.10 (Upgrade to 7.0.11 or above)
- FortiClientLinux version 7.2.0 (Upgrade to 7.2.1 or above)
Security researcher CataLpa from Dbappsecurity has been credited with discovering and reporting the vulnerability.
Fortinet’s security patches for April 2024 also address an issue with FortiClientMac installer that could also lead to code execution (CVE-2023-45588 and CVE-2024-31492, CVSS scores: 7.8).
Also resolved is a FortiOS and FortiProxy bug that could leak administrator cookies in certain scenarios (CVE-2023-41677, CVSS score: 7.5).
While there is no evidence of any of the flaws being exploited in the wild, it’s recommended that users keep their systems up-to-date to mitigate potential threats.
________________________________________________
Here, we deliver the latest insights from the world of cybersecurity, featuring updates from industry leaders and our trusted partners. Stay ahead of emerging threats, cutting-edge solutions, and the opportunities defining the future of digital security. 🛡️🌐
Thank you for trusting us as your guide. 🔒 Together, we’re building a safer digital world!
