Unauthenticated remote code execution in FortiOS and FortiProxy admin interface
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2023-25610 |
| CWE-ID | CWE-124 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #1 is available. |
| Vulnerable software Subscribe |
FortiOS Operating systems & Components / Operating system FortiProxy Hardware solutions / Routers & switches, VoIP, GSM, etc |
| Vendor | Fortinet, Inc |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Buffer Underwrite ('Buffer Underflow')
EUVDB-ID: #VU73200
Risk: High
CVSSv3.1: 8.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C]
CVE-ID: CVE-2023-25610
CWE-ID:
CWE-124 - Buffer Underwrite ('Buffer Underflow')
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to compromise the affected device.
The vulnerability exists due to a heap buffer underflow in the administrative interface. A remote non-authenticated attacker can send a specially crafted request to the administrative web interface of the affected device, trigger memory corruption and execute arbitrary code on the system.
Install updates from vendor's website.
Vulnerable software versionsFortiOS: 6.0.0 - 7.2.3
FortiProxy: 1.1.0 - 7.2.2
External linkshttp://fortiguard.fortinet.com/psirt/FG-IR-23-001
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
