{
    "file_item": {
        "filepath": "security-advisories",
        "filename": "CERT-EU-SA2023-047.pdf"
    },
    "title": "RCE Vulnerability in FortiOS and FortiProxy",
    "serial_number": "2023-047",
    "publish_date": "13-07-2023 13:58:36",
    "description": "On July 11, 2023, Fortinet released an advisory regarding a critical vulnerability in FortiOS & FortiProxy that may allow remote attackers to execute arbitrary code or commands via crafted packets. This vulnerability was identified as \"CVE-2023-33308\" with a CVSS score of 9.8.<br>\nDue to the level of access and control on the network, we recommend updating as soon as possible.<br>\n",
    "url_title": "2023-047",
    "content_markdown": "---\ntitle: 'RCE Vulnerability in FortiOS and FortiProxy'\nversion: '1.0'\nnumber: '2023-047'\noriginal_date: 'July 11, 2023'\ndate: 'July 13, 2023'\n---\n\n_History:_\n\n* _13/07/2023 --- v1.0 -- Initial publication_\n\n# Summary\n\nOn July 11, 2023, Fortinet released an advisory regarding a critical vulnerability in FortiOS & FortiProxy that may allow remote attackers to execute arbitrary code or commands via crafted packets [1]. This vulnerability was identified as `CVE-2023-33308` with a CVSS score of 9.8.\n\nDue to the level of access and control on the network, we recommend updating as soon as possible.\n\n# Technical Details\n\nThis vulnerability is the result of a stack-based overflow in FortiOS & FortiProxy. A remote attacker can send crafted packets that reach proxy policies, or firewall policies in proxy mode, with SSL deep packet inspection enabled, to execute arbitrary code or commands.\n\n# Affected Products\n\n- FortiOS version 7.2.0 through 7.2.3\n- FortiOS version 7.0.0 through 7.0.10\n- FortiProxy version 7.2.0 through 7.2.2\n- FortiProxy version 7.0.0 through 7.0.9\n\n# Recommendations\n\nCERT-EU strongly recommends upgrading affected FortiOS & FortiProxy products to the latest version.\n\n## Workaround\n\nIt is possible to disable HTTP/2 support on the SSL inspection profiles used by proxy policies or by firewall policies in proxy mode [1,2].\n\n# References\n\n[1] <https://www.fortiguard.com/psirt/FG-IR-23-183>\n\n[2] <https://docs.fortinet.com/document/fortigate/7.0.0/new-features/710924/http-2-support-in-proxy-mode-ssl-inspection>",
    "content_html": "<p><em>History:</em></p><ul><li><em>13/07/2023 --- v1.0 -- Initial publication</em></li></ul><h2 id=\"summary\">Summary</h2><p>On July 11, 2023, Fortinet released an advisory regarding a critical vulnerability in FortiOS &amp; FortiProxy that may allow remote attackers to execute arbitrary code or commands via crafted packets [1]. This vulnerability was identified as <code>CVE-2023-33308</code> with a CVSS score of 9.8.</p><p>Due to the level of access and control on the network, we recommend updating as soon as possible.</p><h2 id=\"technical-details\">Technical Details</h2><p>This vulnerability is the result of a stack-based overflow in FortiOS &amp; FortiProxy. A remote attacker can send crafted packets that reach proxy policies, or firewall policies in proxy mode, with SSL deep packet inspection enabled, to execute arbitrary code or commands.</p><h2 id=\"affected-products\">Affected Products</h2><ul><li>FortiOS version 7.2.0 through 7.2.3</li><li>FortiOS version 7.0.0 through 7.0.10</li><li>FortiProxy version 7.2.0 through 7.2.2</li><li>FortiProxy version 7.0.0 through 7.0.9</li></ul><h2 id=\"recommendations\">Recommendations</h2><p>CERT-EU strongly recommends upgrading affected FortiOS &amp; FortiProxy products to the latest version.</p><h3 id=\"workaround\">Workaround</h3><p>It is possible to disable HTTP/2 support on the SSL inspection profiles used by proxy policies or by firewall policies in proxy mode [1,2].</p><h2 id=\"references\">References</h2><p>[1] <a rel=\"noopener\" target=\"_blank\" href=\"https://www.fortiguard.com/psirt/FG-IR-23-183\">https://www.fortiguard.com/psirt/FG-IR-23-183</a></p><p>[2] <a rel=\"noopener\" target=\"_blank\" href=\"https://docs.fortinet.com/document/fortigate/7.0.0/new-features/710924/http-2-support-in-proxy-mode-ssl-inspection\">https://docs.fortinet.com/document/fortigate/7.0.0/new-features/710924/http-2-support-in-proxy-mode-ssl-inspection</a></p>",
    "licence": {
        "title": "Creative Commons Attribution 4.0 International (CC-BY 4.0)",
        "link": "https://creativecommons.org/licenses/by/4.0/",
        "restrictions": "https://cert.europa.eu/legal-notice",
        "author": "The Cybersecurity Service for the Union institutions, bodies, offices and agencies"
    }
}