Multiple vulnerabilities were identified in Fortinet Products. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, sensitive information disclosure, data manipulation and security restriction bypass on the targeted system.
Impact
Security Restriction Bypass
Information Disclosure
Remote Code Execution
Data Manipulation
System / Technologies affected
FortiADC 5.2 all versions
FortiADC 5.3 all versions
FortiADC 5.4 all versions
FortiADC 6.0 all versions
FortiADC 6.1 all versions
FortiADC 6.2 all versions
FortiADC 7.0 all versions
FortiADC version 7.1.0 through 7.1.1
FortiADC version 7.2.0
FortiNAC 8.7 all versions
FortiNAC 8.8 all versions
FortiNAC 9.1 all versions
FortiNAC 9.2 all versions
FortiNAC version 9.4.0 through 9.4.2
FortiNAC-F version 7.2.0
FortiOS 6.0 all versions
FortiOS version 6.2.0 through 6.2.13
FortiOS version 6.4.0 through 6.4.11
FortiOS version 7.0.0 through 7.0.10
FortiOS version 7.2.0 through 7.2.3
FortiProxy all versions 2.0, 1.2, 1.1, 1.0
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 7.2.0 through 7.2.1
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
https://fortiguard.fortinet.com/psirt/FG-IR-23-069
https://fortiguard.fortinet.com/psirt/FG-IR-23-013
https://fortiguard.fortinet.com/psirt/FG-IR-22-452
https://fortiguard.fortinet.com/psirt/FG-IR-22-297
https://fortiguard.fortinet.com/psirt/FG-IR-22-520
https://fortiguard.fortinet.com/psirt/FG-IR-22-475
https://fortiguard.fortinet.com/psirt/FG-IR-22-456
https://fortiguard.fortinet.com/psirt/FG-IR-22-464
https://fortiguard.fortinet.com/psirt/FG-IR-22-407