Fortinet FortiOS
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*
- >= 6.4.0, <= 6.4.15
- >= 6.2.0, <= 6.2.16
- ~6.0
A vulnerability allowing authentication bypass through an alternate path or channel has been identified in Fortinet FortiOS versions 6.4.0 to 6.4.15 and prior to 6.2.16, as well as FortiProxy versions 7.4.0 to 7.4.2, 7.2.0 to 7.2.8 and prior to 7.0.15. FortiPAM versions prior to 1.2.0 are also affected. This vulnerability allows an unauthenticated attacker to take control of a managed device by sending crafted FGFM requests, but only if the device is managed by FortiManager and the attacker knows FortiManager's serial number.
Exploitation of this vulnerability allows unauthorized control over a managed device via FGFM requests.
Users can upgrade Fortinet FortiOS to version 6.4.16 or 6.2.17, depending on their current version. Fortinet FortiProxy users should upgrade to version 7.4.3, 7.2.9 or 7.0.16, based on their version. FortiPAM users should migrate to a fixed release.