FSSO DC Agent and Collector authentication bypass in Fortinet FortiOS
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2021-26088 |
| CWE-ID | CWE-287 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
FortiOS Operating systems & Components / Operating system |
| Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) Improper authentication
EUVDB-ID: #VU54848
Risk: Medium
CVSSv3.1: 5.5 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2021-26088
CWE-ID:
CWE-287 - Improper Authentication
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to bypass authentication process.
The vulnerability exists due to an error in FSSO Collector when processing authentication requests. A remote attacker can send specifically crafted UDP login notification packets to bypass any firewall authentication rule and access the protected network.
The vulnerability affects both the FSSO DC Agent and Collector.
Install updates from vendor's website.
Vulnerable software versionsFortiOS: 6.0.0 - 7.0.0
External linkshttp://fortiguard.com/advisory/FG-IR-20-191
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
