Advatek - Information Technology Blog

Recent Fortinet Vulnerabilities Underscore the Need for Proactive Cybersecurity Measures

Written by Matthew Roscoe | Feb 20, 2023 1:18:54 PM

Cyber threats and vulnerabilities are more prevalent than ever in today's world. Technology advances along with malicious actors' methods and strategies. To safeguard their systems and data from potential attacks, organisations must keep up with the most recent security updates and patches.

The Login page when FortiCloud Sign-in is used has an XSS vulnerability, and the administrative interfaces of FortiOS, FortiProxy, and FortiSwitchManager have an arbitrary read/write vulnerability. These vulnerabilities were recently disclosed by Fortinet.

When FortiCloud Sign-in is used, the Login page of FortiOS versions 7.0.0 through 7.0.7 and 7.2.0 through 7.2.3 is vulnerable to XSS attacks. By inserting malicious code into the "redir" parameter of the URL displayed when the "Sign in with FortiCloud" button is clicked, an attacker could take advantage of this vulnerability and possibly start an XSS attack. To mitigate this vulnerability, Fortinet advises upgrading to FortiOS versions 7.2.4 or higher and 7.0.8 or higher. Customers can also disable the "Sign in with FortiCloud" feature by entering a specific configuration system command.

The FortiOS, FortiProxy, and FortiSwitchManager administrative interface has an arbitrary read/write vulnerability that affects several product versions, including FortiOS versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, and 6.4.0 through 6.4.10. By sending specially crafted HTTP or HTTPS requests, an authorised attacker could take advantage of this vulnerability and read and write files on the underlying Linux system. Fortinet advises updating to the most recent version of the impacted products to reduce this vulnerability.

It is essential that businesses take proactive steps to address such vulnerabilities. The most recent version of the impacted products should be used to help defend against potential attacks. To reduce the risk of a successful attack, organisations should also implement security best practises and conduct regular assessments of their security posture.

Fortinet or an authorised Fortinet partner should be contacted for advice if you're a customer and need help mitigating these vulnerabilities. One such partner that can offer Fortinet solution expertise and help with locating and addressing security vulnerabilities is Advatek. To make sure your company's security posture is current and secure, get in touch with Advatek.