Fortinet FortiOS and FortiProxy Firewall Deny Policy Bypass Vulnerability

Vulnerability

An improper access control vulnerability has been identified in Fortinet FortiOS 7.2.0, 7.0.13 and below, and 6.4.14 and below, and in FortiProxy 7.2.3 and below, 7.0.9 and below, and 2.0.12 and below. It may allow a remote, unauthenticated attacker to bypass a firewall deny geolocation policy by timing traffic to coincide with a GeoIP database update on the device.
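The affected ranges above are branch-specific (only 7.2.0 on the FortiOS 7.2 branch, but every 7.0 build up to 7.0.13, and so on), which is easy to get wrong when checking a fleet by hand. The following script is an added example, not Fortinet code: it encodes exactly the ranges stated in this advisory and triages an inventory of version strings. The inventory hostnames and version strings are constructed samples; branches the advisory does not mention (FortiOS 7.4, FortiProxy 7.4, etc.) are reported as "branch not listed" rather than as safe, because the text says nothing about them.

```python
"""Triage FortiOS / FortiProxy builds against the affected ranges in this advisory.

Added example, not Fortinet code. The ranges come from the advisory text; the
sample inventory below is constructed. "not affected" means only that the
build lies above the affected range the advisory states for that branch.
"""

# (product, (major, minor)) -> highest affected patch level on that branch,
# exactly as stated in the advisory text.
AFFECTED = {
    ("FortiOS", (7, 2)): 0,      # 7.2.0 only; 7.2.1 and above are fixed
    ("FortiOS", (7, 0)): 13,     # 7.0.13 and below
    ("FortiOS", (6, 4)): 14,     # 6.4.14 and below
    ("FortiProxy", (7, 2)): 3,   # 7.2.3 and below
    ("FortiProxy", (7, 0)): 9,   # 7.0.9 and below
    ("FortiProxy", (2, 0)): 12,  # 2.0.12 and below
}


def parse_version(text):
    """Parse 'v7.0.12' or '7.0.12' into (7, 0, 12); reject anything else."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def assess(product, version):
    """Return 'affected', 'not affected' or 'branch not listed' for one build."""
    major, minor, patch = parse_version(version)
    key = (product, (major, minor))
    if key not in AFFECTED:
        # The advisory says nothing about this branch; do not call it safe.
        return "branch not listed"
    return "affected" if patch <= AFFECTED[key] else "not affected"


def triage(inventory):
    """Map (hostname, product, version) triples to (hostname, verdict) pairs."""
    return [(host, assess(product, ver)) for host, product, ver in inventory]


if __name__ == "__main__":
    # Constructed inventory for illustration; not real hosts.
    sample = [
        ("fw-edge-01", "FortiOS", "7.2.0"),
        ("fw-edge-02", "FortiOS", "7.2.1"),
        ("fw-dc-01", "FortiOS", "7.0.13"),
        ("fw-dc-02", "FortiOS", "6.4.15"),
        ("proxy-01", "FortiProxy", "7.0.9"),
        ("proxy-02", "FortiProxy", "7.4.0"),
    ]
    for host, verdict in triage(sample):
        print(f"{host:12} {verdict}")
```

Feed it the output of whatever inventory source you trust (the FortiOS "get system status" version line, or a management console export) rather than typing versions by hand, and treat "branch not listed" as a prompt to read the vendor advisory for that branch.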

Impact

Successful exploitation lets traffic that a deny geolocation policy should have blocked reach the protected network, which can lead to unauthorized access or actions from source locations the policy was meant to exclude.
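Because the bypass leaves the policy configuration untouched, the evidence of it is traffic logs in which a session from a deny-listed source country was not denied. The script below is an added example, not Fortinet code or a vendor detection rule. It assumes FortiGate-style traffic logs in key=value form with quoted string values and uses the srcip, srccountry, action and policyid fields; the log lines and the deny-listed country names are constructed for the example, not captured from a real device.

```python
"""Flag sessions from geo-denied countries that were not denied.

Added example, not Fortinet code. Assumes key=value traffic logs with quoted
string values (FortiGate style). Sample lines and deny-listed countries are
constructed for illustration.
"""
import re
from collections import Counter

# Countries the (hypothetical) deny geolocation policy is supposed to block.
GEO_DENY = {"Ruritania", "Freedonia"}

# Constructed sample log lines using documentation (TEST-NET) addresses.
SAMPLE_LOGS = [
    'date=2026-04-10 time=14:02:01 type="traffic" subtype="forward" srcip=203.0.113.10 '
    'srccountry="Ruritania" dstip=198.51.100.5 dstport=443 action="deny" policyid=12',
    'date=2026-04-10 time=14:02:05 type="traffic" subtype="forward" srcip=203.0.113.10 '
    'srccountry="Ruritania" dstip=198.51.100.5 dstport=443 action="accept" policyid=3',
    'date=2026-04-10 time=14:02:07 type="traffic" subtype="forward" srcip=192.0.2.44 '
    'srccountry="Freedonia" dstip=198.51.100.9 dstport=22 action="close" policyid=3',
    'date=2026-04-10 time=14:02:09 type="traffic" subtype="forward" srcip=198.51.100.77 '
    'srccountry="United States" dstip=198.51.100.5 dstport=443 action="accept" policyid=3',
]

# key=value pairs; the value is either a double-quoted string or a bare token.
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one key=value log line into a dict of string fields."""
    return {
        m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
        for m in KV_RE.finditer(line)
    }


def find_bypasses(lines, deny_countries):
    """Return parsed records whose source country is deny-listed but whose
    action is anything other than "deny".

    Sessions that were allowed may be logged with action "accept" (session
    start) or "close" / "timeout" / a reset value (session end), so the test
    is "not denied" rather than "equals accept".
    """
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec.get("srccountry") in deny_countries and rec.get("action") != "deny":
            hits.append(rec)
    return hits


def summarize(hits):
    """Count offending sessions per (source IP, matching policy id)."""
    return Counter((h.get("srcip"), h.get("policyid")) for h in hits)


if __name__ == "__main__":
    found = find_bypasses(SAMPLE_LOGS, GEO_DENY)
    for (srcip, policyid), n in summarize(found).items():
        print(f"{srcip:16} matched policy {policyid} {n} time(s) despite geo deny")
```

A hit shows that the deny geolocation policy did not match and a later policy did; the policyid field tells you which one. On its own that does not prove this vulnerability was used, so correlate the timestamps of hits with the device's GeoIP database update times before drawing conclusions.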

Remediation

FortiOS users should upgrade to version 7.2.1 or above. FortiProxy users should upgrade to version 7.2.4 or above, 7.0.10 or above, or 2.0.13 or above, depending on the branch they run. Note that the guidance here names a fixed version only for the FortiOS 7.2 branch, while the affected list also covers the 7.0 and 6.4 branches; for those, consult the Fortinet upgrade tool for the correct upgrade path.

Added: Apr 10, 2026, 2:02 PM
Updated: Apr 10, 2026, 2:02 PM

Vulnerability Rating

Custom Algorithm

spread: 6.8
impact: 0.6
exploitability: 5.9
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.