Systems Engineering is aware of the Fortinet FortiOS & FortiProxy - Improper authorization for HA requests vulnerability, CVE-2023-44250.
Fortinet rates this vulnerability as HIGH.
Description
Fortinet has announced a vulnerability in the HA management cluster system that could allow an authenticated, remote attacker to perform elevated actions over the web administrative interface via crafted HTTP or HTTPS requests. A successful attack would allow a malicious attacker to run administrative commands on the FortiGate, compromising the device's integrity. The attacker needs to compromise credentials to exploit this vulnerability.
Scope
This vulnerability is specific to FortiGate and FortiProxy. From the Fortinet Product Security Incident Response Team (PSIRT) Advisory webpage, the following systems are affected:
Course of Action
Fortinet has released a patch to remediate affected systems.
For clients with SE Platform, SE EventWatch, Cloud Security, and SE Secure services, we will be proactively patching for this vulnerability and will be in contact with you with details about remediation scheduling.
For all other clients, we recommend you have your affected systems patched for this vulnerability. If you would like our assistance with patching, please reach out to Systems Engineering Customer Service at 207.772.4199 to have a ticket opened to get your system updated.
If you are a Systems Engineering client and have questions about this Security Alert, please contact your Account Manager.
