fortiguard.fortinet.com
Open in
urlscan Pro
154.52.23.134
Public Scan
URL:
https://fortiguard.fortinet.com/psirt/FG-IR-24-029
Submission: On October 10 via api from DE — Scanned from US
Submission: On October 10 via api from DE — Scanned from US
Form analysis 2 forms found in the DOM
GET /search
<form action="/search" method="get" class="form-check d-none ng-pristine ng-valid">
<span class="search_flat">
<label for="search_field_header" class="visually-hidden" id="label-search_field-header">Search</label>
<input id="search_field_header" type="text" class="search_field" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button type="submit" value=" " class="btn btn-sm" aria-label="Submit your search">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=31430" alt="search">
</button>
<div class="global_search-popup">
<fieldset>
<legend class="visually-hidden">Please select any available option</legend>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="all_home" class="form-check-input search-input-option" value="1" checked="checked" aria-checked="true">
<label class="form-check-label search-input-label" for="all_home"> Normal </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="exact_home" class="form-check-input search-input-option" value="2">
<label class="form-check-label search-input-label" for="exact_home"> Exact Match </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="cve_home" class="form-check-input search-input-option" value="3">
<label class="form-check-label search-input-label" for="cve_home"> CVE </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="threat_home" class="form-check-input search-input-option" value="4">
<label class="form-check-label search-input-label" for="threat_home"> ID </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="psirt_home" class="form-check-input search-input-option" value="6">
<label class="form-check-label search-input-label" for="psirt_home"> PSIRT </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="repms_home" class="form-check-input search-input-option" value="8">
<label class="form-check-label search-input-label" for="repms_home"> Antispam </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="outbreak-alert_home" class="form-check-input search-input-option" value="9">
<label class="form-check-label search-input-label" for="outbreak-alert_home"> Outbreak Alert </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="url_home" class="form-check-input search-input-option" value="7">
<label class="form-check-label search-input-label" for="url_home"> IP/Domain/URL </label>
</div>
</fieldset>
</div>
</span>
</form>GET /search
<form action="/search" method="get" class="mobile-search-form col-12 ng-pristine ng-valid">
<div class="input-group">
<select class="form-select" name="engine">
<option value="1"> Normal </option>
<option value="2"> Exact Match </option>
<option value="3"> CVE </option>
<option value="4"> ID </option>
<option value="6"> PSIRT </option>
<option value="8"> Antispam </option>
<option value="9"> Outbreak Alert </option>
<option value="7"> IP/Domain/URL </option>
</select>
<input id="search_field_header" type="text" class="form-control" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button class="btn btn-sm btn-outline-secondary" type="submit">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=31430" alt="search">
</button>
</div>
</form>Text Content
* Search
Please select any available option
Normal
Exact Match
CVE
ID
PSIRT
Antispam
Outbreak Alert
IP/Domain/URL
* News / Research
NEWS/RESEARCH
RESEARCH CENTER
PSIRT CENTER
Explore latest research and threat reports on emerging cyber threats.
* Outbreak Alerts
* Security Blog
* Threat Signal
Fortinet Product Security Incident Response Team (PSIRT) updates.
* Advisories
* PSIRT Blog
* PSIRT Contact
* Security Vulnerability Policy
* Services
SERVICES
BY OUTBREAK
BY SOLUTION
BY PRODUCT
PROTECT
Counter measures across the security fabric for protecting assets, data and
network.
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Endpoint Detection & Response
* Endpoint Vulnerability
* Inline-CASB Application Definitions
* Intrusion Protection
* Operational Technology Security
* Sandbox Behavior Engine
* Web Application Security
* Web Filtering
DETECT
Find and correlate important information to identify an outbreak.Find and
correlate
* Anti-Recon and Anti-Exploit
* Cloud Threat Detection
* Indicators of Compromise
* Outbreak Deception
* Outbreak Detection
* SOC Automation
RESPOND
Develop containment techniques to mitigate impacts of security events.Develop
containment
* Client Forensics
* Endpoint Detection and Response
* Incident Response
* Recon: ACI
RECOVER
Improve security posture and processes by implementing security awareness and
training.
* Assessment Services
* NSE Training
* Security Awareness Training
IDENTIFY
Identify processes and assets that need protection.Identify processes and
assets that
* Cloud Vulnerability
* Endpoint Vulnerability
* FortiTester
* IoT Detection
* Pen Testing
* Recon: BP
* Recon: EASM
* Security Rating
* NETWORK SECURITY
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* Cloud Vulnerability and Threat Detection
* Data Loss Prevention
* Indicators of Compromise
* Inline-CASB Application Definitions
* Internet Services
* Intrusion Protection
* IP Geolocation
* Secure DNS
* ENDPOINT SECURITY
* ANN and NDR
* AntiVirus
* Endpoint Detection & Response
* Endpoint Vulnerability
* FortiClient Outbreak Detection
* IoT Detection
* Sandbox Behavior Engine
* APPLICATION SECURITY
* AntiSpam
* Application Control
* Client Application Firewall
* Credential Stuffing Defense
* Operational Technology Security
* Web Application Security
* Web Filtering
* SECURITY OPERATIONS
* Breach Attack Simulation
* FortiDevSec
* FortiSIEM Outbreak Detection Service
* Outbreak Deception
* Outbreak Detection
* Pen Testing
* Security Rating
* FortiGate
* FortiAnalyzer
* FortiClient
* FortiWeb
* FortiADC
* FortiAuthenticator
* FortiCNP
* FortiDDoS
* FortiDeceptor
* FortiEDR
* FortiMail
* empty
* FortiNDR
* FortiPAM
* FortiPolicy
* FortiProxy
* FortiRecon
* FortiSandBox
* FortiSASE
* FortiSIEM
* FortiTester
* FortiCNAPP
* empty
* Anti-Botnet
* AntiVirus
* Application Control
* Inline-CASB Application Definitions
* Intrusion Protection
* IoT Detection
* IP Geolocation
* Operational Technology Security
* Secure DNS
* Security Rating
* Web Filtering
* Indicators of Compromise
* Outbreak Detection
* SOC Automation
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiVirus
* Application Firewall
* Credential Stuffing Defense
* Endpoint Vulnerability
* Intrusion Protection
* Outbreak Detection
* Web Filtering
* Anti-Botnet
* AntiVirus
* Application Control
* Credential Stuffing Defense
* Fuzzy Webshell
* IP Geolocation
* Web Application Security
* Anti-Botnet
* AntiVirus
* Credential Stuffing Defense
* Intrusion Protection
* IP Geolocation
* Web Application Security
* Web Filtering
* IP Geolocation
* Anti-Botnet
* Data Loss Prevention
* IP Geolocation
* Vulnerability
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiVirus
* Intrusion Protection
* Outbreak Deception
* AntiVirus
* EndPoint Detection and Response
* Endpoint Vulnerability
* Indicators of Compromise
* Web Filtering
* AntiSpam
* AntiVirus
* Web Filtering
* Network Detection and Response
* AntiVirus
* Data Loss Prevention
* Anti-Botnet
* Application Control
* Anti-Botnet
* Application Control
* Industrial Security
* Digital Risk Protection
* AntiVirus
* Intrusion Protection
* Sandbox Behavior Engine
* Web Filtering
* Anti-Botnet
* AntiVirus
* Application Control
* Data Loss Prevention
* Endpoint Vulnerability
* Intrusion Protection
* Secure DNS
* Web Filtering
* Indicators of Compromise
* IP Geolocation
* Outbreak Detection
* Breach Attack Simulation
* Cloud Threat Detection
* Cloud Vulnerability
* Threat Intelligence
THREAT INTELLIGENCE
CENTER
Browse the FortiGuard Labs extensive encyclopedia and Threat Analytics.
* Application Control
* Threat Analytics
* Threat Encyclopedia
* Threat Map
* Web Filtering
* Resources
RESOURCE CENTER
Learn about service status, publications and other available resources.
* FortiGuard Sample Files
* MITRE ATT&CK Matrix
* NIST Cybersecurity Framework
* Publications
* Security Best Practices
* About
ABOUT
FORTIGUARD LABS
PARTNERS
AI-Powered Threat Intelligence for an Evolving Digital World.
* Contact Us
* Premium Services
* RSS Feeds
Leveraging cyber security industry partner relationships.
* Cyber Threat Alliance
* MITRE Engenuity
*
* News / Research
* Advisories
* Outbreak Alerts
* PSIRT Blog
* PSIRT Contact
* Security Blog
* Security Vulnerability Policy
* Threat Signal
* Services
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Assessment Services
* Client Forensics
* Cloud Threat Detection
* Cloud Vulnerability
* Endpoint Detection & Response
* Endpoint Detection and Response
* Endpoint Vulnerability
* Endpoint Vulnerability
* FortiTester
* Incident Response
* Indicators of Compromise
* Inline-CASB Application Definitions
* Intrusion Protection
* IoT Detection
* NSE Training
* Operational Technology Security
* Outbreak Deception
* Outbreak Detection
* Pen Testing
* Recon: ACI
* Recon: BP
* Recon: EASM
* Sandbox Behavior Engine
* Security Awareness Training
* Security Rating
* SOC Automation
* Web Application Security
* Web Filtering
* Threat Lookup
* Application Control
* Threat Analytics
* Threat Encyclopedia
* Threat Map
* Web Filtering
* Resources
* FortiGuard Sample Files
* MITRE ATT&CK Matrix
* NIST Cybersecurity Framework
* Publications
* Security Best Practices
* About
* Contact Us
* Cyber Threat Alliance
* MITRE Engenuity
* Premium Services
* RSS Feeds
* FORTINET
Normal Exact Match CVE ID PSIRT Antispam Outbreak Alert IP/Domain/URL
PSIRT
FORMAT STRING BUG IN FGFMD
SUMMARY
A use of externally-controlled format string vulnerability [CWE-134] in FortiOS
fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary
code or commands via specially crafted requests.
Version Affected Solution FortiOS 7.4 7.4.0 through 7.4.2 Upgrade to 7.4.3 or
above FortiOS 7.2 7.2.0 through 7.2.6 Upgrade to 7.2.7 or above FortiOS 7.0
7.0.0 through 7.0.13 Upgrade to 7.0.14 or above FortiPAM 1.3 Not affected Not
Applicable FortiPAM 1.2 1.2 all versions Migrate to a fixed release FortiPAM 1.1
1.1 all versions Migrate to a fixed release FortiPAM 1.0 1.0 all versions
Migrate to a fixed release FortiProxy 7.4 7.4.0 through 7.4.2 Upgrade to 7.4.3
or above FortiProxy 7.2 7.2.0 through 7.2.8 Upgrade to 7.2.9 or above FortiProxy
7.0 7.0.0 through 7.0.15 Upgrade to 7.0.16 or above FortiWeb 7.4 7.4.0 through
7.4.2 Upgrade to 7.4.3 or above
Follow the recommended upgrade path using our tool at:
https://docs.fortinet.com/upgrade-tool
FortiOS 6.x is not affected.
Workarounds
For each interface, remove the fgfm access, for example change :
config system interface
edit "portX"
set allowaccess ping https ssh fgfm
next
end
to :
config system interface
edit "portX"
set allowaccess ping https ssh
next
end
Note that this will prevent FortiGate discovery from FortiManager. Connection
will still be possible from FortiGate.
Please also note that a local-in policy that only allows FGFM connections from a
specific IP will reduce the attack surface but it won't prevent the
vulnerability from being exploited from this IP. As a consequence, this should
be used as a mitigation and not as a complete workaround.
ACKNOWLEDGEMENT
Internally discovered and reported by Gwendal Guégniaud of Fortinet Product
Security team.
TIMELINE
2024-02-08: Initial publication
2024-04-09: added more affected products
IR Number FG-IR-24-029 Date Feb 8, 2024 Severity Critical CVSSv3 Score 9.8
Impact Execute unauthorized code or commands CVE ID CVE-2024-23113 CVRF Download
Language English Portuguese
* Contact Us
* Legal
* Privacy
* Partners
* Feedback
*
*
*
*
*
Copyright © 2024 Fortinet, Inc. All Rights Reserved.
This site uses cookies. Some are essential to the operation of the site; others
help us improve the user experience. By continuing to use the site, you consent
to the use of these cookies. To learn more about cookies, please read our
privacy policy.
Accept