WARNING: FORTINET PATCHES A CRITICAL VULNERABILITY
A buffer underwrite ('buffer underflow') vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests.
Fortinet states they are “not aware of any instance where this vulnerability was exploited in the wild.” They say they “continuously review and test the security of [their] products, and this vulnerability was internally discovered within that frame.”
CVE-2023-26610 is easily exploitable and could have a high impact on the confidentiality, integrity and availability of the affected devices. A list of affected devices can be found here: https://www.fortiguard.com/psirt/FG-IR-23-001
The Centre for Cyber security Belgium recommends system administrators to patch vulnerable systems as soon as possible and to analyse system and network logs for any suspicious activity. Organisations should investigate if they suspect an intrusion attempt.
If your organization has already identified an intrusion or incident, please report it via: https://cert.be/en/report-incident.
The Centre for Cyber Security Belgium strongly recommends system administrators to take the following actions:
Update vulnerable devices as soon as possible. A list of vulnerable devices can be found here: https://www.fortiguard.com/psirt/FG-IR-23-001.