Indiscriminate, opportunistic targeting.
Fortinet has released a fix for a critical-severity flaw, tracked as CVE-2023-33299 (CVSSv3 score: 9.6): a deserialization vulnerability in FortiNAC that could lead to remote code execution (RCE).
Successful exploitation of CVE-2023-33299 could allow an unauthenticated threat actor to execute unauthorised code or commands via specially crafted requests, compromising the integrity of data.
Fortinet has released security patches for the vulnerability; the following earlier versions remain vulnerable to exploitation:
- FortiNAC version 9.4.0 through 9.4.2
- FortiNAC version 9.2.0 through 9.2.7
- FortiNAC version 9.1.0 through 9.1.9
- FortiNAC version 7.2.0 through 7.2.1
- FortiNAC 8.8, all versions
- FortiNAC 8.7, all versions
- FortiNAC 8.6, all versions
- FortiNAC 8.5, all versions
- FortiNAC 8.3, all versions
Containment, Mitigations & Remediations
No mitigations are currently available to address the vulnerability, so it is strongly recommended that users apply the relevant updates as soon as possible. The updated versions are:
- FortiNAC 9.4.3 or above
- FortiNAC 9.2.8 or above
- FortiNAC 9.1.10 or above
- FortiNAC 7.2.2 or above
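As an added example (not part of the advisory), the following Python check maps a FortiNAC version string onto the affected and fixed ranges listed above, comparing version components numerically so that 9.1.10 is correctly treated as newer than 9.1.9; the host inventory at the end is constructed for illustration.

```python
"""Classify FortiNAC versions against the CVE-2023-33299 advisory ranges."""

# Affected ranges as published in the advisory (inclusive bounds), keyed by branch.
AFFECTED = {
    (9, 4): ((9, 4, 0), (9, 4, 2)),
    (9, 2): ((9, 2, 0), (9, 2, 7)),
    (9, 1): ((9, 1, 0), (9, 1, 9)),
    (7, 2): ((7, 2, 0), (7, 2, 1)),
}
# Branches for which the advisory lists every version as affected (no fixed release).
ALL_VERSIONS_AFFECTED = {(8, 8), (8, 7), (8, 6), (8, 5), (8, 3)}
# First fixed release per branch ("or above").
FIXED = {(9, 4): (9, 4, 3), (9, 2): (9, 2, 8), (9, 1): (9, 1, 10), (7, 2): (7, 2, 2)}


def parse_version(text):
    """Turn '9.4.2' or '8.8' into a tuple of ints; tuples compare numerically, not as strings."""
    parts = text.strip().split(".")
    if not 2 <= len(parts) <= 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiNAC version: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums if len(nums) == 3 else nums + (0,)


def assess(text):
    """Return 'vulnerable', 'fixed' or 'unlisted' for one FortiNAC version string."""
    version = parse_version(text)
    branch = version[:2]
    if branch in ALL_VERSIONS_AFFECTED:
        return "vulnerable"
    if branch in AFFECTED:
        low, high = AFFECTED[branch]
        if low <= version <= high:
            return "vulnerable"
        if version >= FIXED[branch]:
            return "fixed"
    # Branches the advisory does not mention (e.g. 9.3) are reported, not assumed safe.
    return "unlisted"


def triage(inventory):
    """Group an {host: version} inventory by advisory status for patch planning."""
    result = {"vulnerable": [], "fixed": [], "unlisted": []}
    for host, version in sorted(inventory.items()):
        result[assess(version)].append(host)
    return result


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are illustrative only.
    sample = {"nac-01": "9.4.2", "nac-02": "9.4.3", "nac-03": "8.8", "nac-04": "9.3.1"}
    for status, hosts in triage(sample).items():
        print(f"{status}: {', '.join(hosts) or '-'}")
```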
Fortinet holds a significant share of the networking-hardware market. Because threat actors generally weigh the probability of success against asset value when deciding which attack surfaces to develop exploits for, Fortinet networking products have become a prime target. As Fortinet products are integral to many organisations' operations, threat actors will continue to exploit vulnerabilities in these products in an attempt to exfiltrate the sensitive data they hold or to disrupt associated business operations.
No attribution to specific threat actors or groups has been identified at the time of writing.
Common Weakness Enumeration (CWE):
CWE-502 – Deserialization of Untrusted Data