Fortinet has released patches to address a critical security flaw affecting FortiClient Linux that could be exploited to achieve arbitrary code execution.
Identified as CVE-2023-45590, the vulnerability has a CVSS score of 9.4 out of a maximum of 10.
“An Improper Control of Code Generation (‘Code Injection’) [CWE-94] vulnerability in FortiClient Linux could allow an unauthenticated attacker to execute arbitrary code by tricking a FortiClient Linux user into visiting a website. malicious,” Fortinet said in a statement.
IMPACT ON SAFETY
The flaw, which has been described as a case of remote code execution due to a “dangerous Nodejs configuration,” affects the following versions:
– FortiClient Linux versions 7.0.3 to 7.0.4 and 7.0.6 to 7.0.10 (Upgrade to 7.0.11 or higher)
– FortiClient Linux version 7.2.0 (Upgrade to 7.2.1 or higher)
Security researcher CataLpa from Dbappsecurity has been recognized for discovering and reporting the vulnerability.
OTHER PROBLEMS ADDRESSED BY PATCHES
Fortinet’s April 2024 security patches also address an issue with the FortiClientMac installer that could also lead to code execution (CVE-2023-45588 and CVE-2024-31492, CVSS scores: 7.8).
Additionally, a FortiOS and FortiProxy bug that could leak administrator cookies in certain scenarios has been fixed (CVE-2023-41677, CVSS score: 7.5).
Although there is no evidence that any of the flaws are currently being exploited, it is recommended that users keep their systems updated to mitigate potential threats.
