Improper Certificate Validation in FortiOS

#VU86280 Improper Certificate Validation in FortiOS

Published: 2024-02-09

Vulnerability identifier: #VU86280

Vulnerability risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-47537

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
FortiOS
Operating systems & Components / Operating system

Vendor: Fortinet, Inc

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exists due to improper certificate validation in Fortilink. A remote attacker in a Man-in-the-Middle position can decipher and alter the FortiLink communication channel between the FortiOS device and a FortiSwitch instance.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

FortiOS: 7.4.0 - 7.4.1, 7.2.0 - 7.2.6, 7.0.0 - 7.0.13

External links
http://www.fortiguard.com/psirt/FG-IR-23-301

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Fortigate NGFW on Siemens RUGGEDCOM APE1808 devices

MitM attack in FortiOS Fortilink