uTalk

Official forum for Utopia Community

#1 2023-07-13 23:37:29

thrive
Member
Registered: 2023-01-04
Posts: 2,068

SonicWall and Fortinet Network Security Products Have New Vulnerabilities

On Wednesday, SonicWall urged users of its Global Management System (GMS) firewall management and Analytics network reporting engine software to update their systems in order to protect themselves from a group of 15 security holes that a threat actor could use to bypass authentication and gain access to confidential data.

Of the 15 flaws (tracked as CVE-2023-34123 through CVE-2023-34137), four are classified as Critical, four as High, and seven as Medium. NCC Group disclosed the vulnerabilities.

The flaws affect on-premises installations of GMS 9.3.2-SP1 and earlier, and Analytics 2.5.0.4-R7 and earlier. Fixes are available in GMS 9.3.3 and Analytics 2.5.2.

SonicWall stated that the vulnerabilities "allow an attacker to view data that they are not normally able to retrieve. Any other data that the application itself has access to, as well as data belonging to other users, may fall under this category. It is frequently possible for an attacker to change or remove this data, permanently altering the application's functionality."

The following is a list of the critical issues:

Web Service Authentication Bypass, CVE-2023-34124 (CVSS score: 9.4)
Multiple unauthenticated SQL injection issues and security filter bypass, CVE-2023-34133 (CVSS score: 9.8)
Password Hash Read via Web Service, CVE-2023-34134 (CVSS score: 9.8)
Cloud App Security (CAS) Authentication Bypass, CVE-2023-34137 (CVSS score: 9.4)

The information was made public at the same time that Fortinet disclosed a serious vulnerability affecting FortiOS and FortiProxy (CVE-2023-33308, CVSS score: 9.8) that, in certain situations, could allow an adversary to execute code remotely. The company said the problem had been fixed in a prior release, without an advisory having been issued at the time.

The company stated in an advisory that "a stack-based overflow vulnerability [CWE-124] in FortiOS and FortiProxy may enable a remote attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode along with SSL deep packet inspection."

The impacted products are FortiOS 7.2.0 through 7.2.3 and 7.0.0 through 7.0.10, and FortiProxy 7.2.0 through 7.2.2 and 7.0.0 through 7.0.9.

Below is a list of the versions that close the security gap:

FortiOS 7.4.0 or above
FortiOS 7.2.4 or above
FortiOS 7.0.11 or above
FortiProxy 7.2.3 or above
FortiProxy 7.0.10 or above

It is important to note that not all versions of FortiOS 6.0, FortiOS 6.2, FortiOS 6.4, FortiProxy 1.x and FortiProxy 2.x are affected by the bug.

Customers who are unable to update right away are advised by Fortinet to disable HTTP/2 support on SSL inspection profiles used by proxy policies or firewall policies in proxy mode.
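As an added example (not code from the post or from either vendor), the following script checks an inventory of FortiOS and FortiProxy builds against the CVE-2023-33308 ranges listed above and reports which hosts need the listed fix release. It parses version strings into integer tuples, because comparing them as strings would rank 7.0.10 below 7.0.9; the inventory rows are constructed sample data.

```python
# Added example: triage FortiOS / FortiProxy builds against the CVE-2023-33308
# affected ranges given in the post. Not vendor code; hosts below are made up.
from typing import List, Optional, Tuple

Version = Tuple[int, ...]

# (product, first affected, last affected, first fixed), taken from the post.
AFFECTED = [
    ("FortiOS",    (7, 2, 0), (7, 2, 3),  (7, 2, 4)),
    ("FortiOS",    (7, 0, 0), (7, 0, 10), (7, 0, 11)),
    ("FortiProxy", (7, 2, 0), (7, 2, 2),  (7, 2, 3)),
    ("FortiProxy", (7, 0, 0), (7, 0, 9),  (7, 0, 10)),
]


def parse_version(text: str) -> Version:
    """Turn '7.0.10' or 'v7.0.10' into a numerically comparable tuple.

    String comparison is the classic mistake here: '7.0.10' < '7.0.9' as text.
    Missing components are padded with 0 so '7.0' compares as 7.0.0.
    """
    nums = [int(p) for p in text.strip().lstrip("vV").split(".")]
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def check(product: str, version: str) -> Tuple[bool, Optional[str]]:
    """Return (affected, first_fixed_release_or_None) for one installed build."""
    v = parse_version(version)
    for prod, low, high, fixed in AFFECTED:
        if prod == product and low <= v <= high:
            return True, ".".join(str(n) for n in fixed)
    return False, None


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str]]:
    """Apply check() to (host, product, version) rows; keep only affected hosts."""
    hits = []
    for host, product, version in inventory:
        affected, fixed = check(product, version)
        if affected:
            hits.append((host, product, version, fixed))
    return hits


if __name__ == "__main__":
    sample = [  # constructed inventory, not real hosts
        ("fw-edge-01", "FortiOS", "7.0.10"),    # last affected 7.0.x build
        ("fw-edge-02", "FortiOS", "7.0.11"),    # already on the fix release
        ("px-01", "FortiProxy", "7.2.3"),       # already on the fix release
        ("fw-lab", "FortiOS", "6.4.12"),        # branch outside the listed ranges
    ]
    for host, product, version, fixed in triage(sample):
        print(f"{host}: {product} {version} affected, upgrade to {fixed} or above")
```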
