SonicWall and Fortinet Network Security Products Have New Vulnerabilities


On Wednesday, SonicWall urged users of its Global Management System (GMS) firewall management and Analytics network reporting engine software to update their systems in order to protect themselves from a set of 15 security flaws that a threat actor could exploit to bypass authentication and gain access to confidential data.


Four of the 15 flaws (numbered CVE-2023-34123 through CVE-2023-34137) are classified as Critical, four as High, and seven as Medium in severity. NCC Group made the vulnerabilities public.

The vulnerabilities affect Analytics 2.5.0.4-R7 and earlier, as well as GMS 9.3.2-SP1 and earlier on-premises versions. Versions GMS 9.3.3 and Analytics 2.5.2 both provide fixes.
According to SonicWall, "the set of flaws enables an attacker to view data that they are not normally able to retrieve. This could include your personal information or any other information that the program has access to. In many instances, an attacker can update or remove this data, permanently altering the application's behavior or content."



The list of critical flaws is as follows:

- CVE-2023-34124 (CVSS score: 9.4) - Web Service Authentication Bypass
- CVE-2023-34133 (CVSS score: 9.8) - Multiple Unauthenticated SQL Injection Issues and Security Filter Bypass
- CVE-2023-34134 (CVSS score: 9.8) - Password Hash Read via Web Service
- CVE-2023-34137 (CVSS score: 9.4) - Cloud App Security (CAS) Authentication Bypass


The disclosure comes as Fortinet disclosed a serious bug affecting FortiOS and FortiProxy (CVE-2023-33308, CVSS score: 9.8) that under certain conditions might allow an adversary to obtain remote code execution. Without publishing an advisory at the time, it stated that the problem had been fixed in a prior release.
The company stated in an advisory that a stack-based overflow vulnerability in FortiOS and FortiProxy might allow a remote attacker to execute arbitrary code or commands via crafted packets that reach proxy policies or firewall policies in proxy mode together with SSL deep packet inspection.


FortiProxy 7.2.0 through 7.2.2, FortiOS 7.2.0 through 7.2.3, and versions 7.0.0 through 7.0.10 are affected. The following versions close the security gap:


- FortiOS 7.4.0 or later
- FortiOS 7.2.4 or later
- FortiOS 7.0.11 or later
- FortiProxy 7.2.3 or later, and 7.0.10 or later


It's important to note that not all versions of FortiOS 6.0, 6.2 and 6.4, and FortiProxy 1.x and 2.x, are affected by the bug.


Fortinet advises customers who cannot deploy the upgrades right away to disable HTTP/2 support on SSL inspection profiles used by proxy policies or firewall policies in proxy mode.
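Added example (not Fortinet's or SonicWall's own tooling): a small Python triage script that checks a constructed FortiOS/FortiProxy inventory against the version ranges quoted above for CVE-2023-33308, so that patching and the HTTP/2 workaround can be prioritised. Builds in a fixed branch but older than that branch's first fixed release are flagged "below fixed build", an inference from the fixed-version list rather than a range the article states; 6.x branches are reported as "not listed".

```python
# Added example, not vendor code: triage a constructed inventory against the
# CVE-2023-33308 version ranges quoted in the article above.

# Affected ranges stated in the article, inclusive, as (low, high) tuples.
AFFECTED = {
    "FortiOS": [((7, 0, 0), (7, 0, 10)), ((7, 2, 0), (7, 2, 3))],
    "FortiProxy": [((7, 2, 0), (7, 2, 2))],
}
# First build of each branch that the article says closes the gap.
FIXED = {
    "FortiOS": [(7, 0, 11), (7, 2, 4), (7, 4, 0)],
    "FortiProxy": [(7, 0, 10), (7, 2, 3)],
}

def parse_version(text):
    """Turn '7.2.3' or 'v7.2.3' into a comparable (major, minor, patch) tuple."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Fortinet version string: {text!r}")
    return tuple(int(p) for p in parts)

def assess(product, version):
    """Classify one build for CVE-2023-33308: 'affected' (inside a listed
    vulnerable range), 'fixed' (at or above its branch's first fixed build),
    'below fixed build' (older than that build; inferred, treat as needing the
    update) or 'not listed' (branch not covered by the quoted ranges, e.g. 6.x)."""
    if product not in AFFECTED:
        raise ValueError(f"unknown product: {product}")
    v = parse_version(version)
    if any(lo <= v <= hi for lo, hi in AFFECTED[product]):
        return "affected"
    for fixed in FIXED[product]:
        if v[:2] == fixed[:2]:  # same major.minor branch as a fixed build
            return "fixed" if v >= fixed else "below fixed build"
    return "not listed"

def triage(inventory):
    """Group hostnames by verdict so patching and the HTTP/2 workaround can be prioritised."""
    out = {"affected": [], "fixed": [], "below fixed build": [], "not listed": []}
    for host, product, version in inventory:
        out[assess(product, version)].append(host)
    return out

if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [("fw-edge-1", "FortiOS", "7.2.3"), ("fw-edge-2", "FortiOS", "7.4.1"),
              ("proxy-1", "FortiProxy", "7.0.9"), ("fw-legacy", "FortiOS", "6.4.12")]
    for verdict, hosts in triage(sample).items():
        print(f"{verdict:18s} {', '.join(hosts) or '-'}")
```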
