Fortinet FortiOS, FortiPAM, and FortiProxy Heap-Based Buffer Overflow Vulnerability Allowing Unauthorized Code Execution

Vulnerability

A heap-based buffer overflow vulnerability has been identified in multiple Fortinet products. Affected FortiOS versions are 7.6.2 and below, 7.4.7 and below, 7.2.10 and below, and all versions of 7.0 and 6.4. Affected FortiPAM versions are 1.5.0, 1.4.2 and below, and all versions of 1.3, 1.2, 1.1 and 1.0. Affected FortiProxy versions are 7.6.2 and below, 7.4.3 and below, and all versions of 7.2 and 7.0. The flaw lies in the handling of RDP bookmark connections: an authenticated user can send crafted requests that trigger the overflow and execute unauthorized code.

Impact

Exploitation of this vulnerability allows for unauthorized code execution.

Remediation

Users can upgrade Fortinet FortiOS to versions 7.6.3, 7.4.8, or 7.2.11, depending on their current version. Fortinet FortiPAM users should upgrade to version 1.5.1 or 1.4.3, or migrate to a fixed release if using an earlier version. Fortinet FortiProxy users should upgrade to version 7.6.3 or 7.4.4, or migrate to a fixed release if using an earlier version. Follow the recommended upgrade path using the Fortinet upgrade tool.
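As an added illustration (not code from the advisory or from Fortinet), a small Python helper that checks an inventory entry against the affected ranges and fixed releases listed above, including the branches with no fixed release; the product names, the major.minor.patch version layout and the sample inventory are assumptions.

```python
# Added example (not Fortinet's code). Product names and the major.minor.patch layout are assumptions.
# Per branch: (highest affected patch, or None for "all versions") and the fixed
# release to upgrade to (None means no fix on the branch: migrate).
ADVISORY = {
    "FortiOS":    {(7, 6): (2, "7.6.3"), (7, 4): (7, "7.4.8"), (7, 2): (10, "7.2.11"),
                   (7, 0): (None, None), (6, 4): (None, None)},
    "FortiPAM":   {(1, 5): (0, "1.5.1"), (1, 4): (2, "1.4.3"), (1, 3): (None, None),
                   (1, 2): (None, None), (1, 1): (None, None), (1, 0): (None, None)},
    "FortiProxy": {(7, 6): (2, "7.6.3"), (7, 4): (3, "7.4.4"),
                   (7, 2): (None, None), (7, 0): (None, None)},
}

def parse_version(text):
    """Parse 'major.minor.patch' into a tuple of ints; reject anything else."""
    parts = text.strip().split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.patch, got {text!r}")
    return tuple(int(p) for p in parts)

def assess(product, version):
    """Return (affected, advice) for one product/version pair."""
    major, minor, patch = parse_version(version)
    branches = ADVISORY.get(product)
    if branches is None:
        raise ValueError(f"product {product!r} is not covered by this advisory")
    entry = branches.get((major, minor))
    if entry is None:
        return False, "branch not listed in the advisory"
    max_affected, fixed = entry
    if max_affected is not None and patch > max_affected:
        return False, f"{version} is at or above the fixed release {fixed}"
    if fixed is None:
        return True, "no fixed release on this branch: migrate to a fixed release"
    return True, f"upgrade to {fixed}"

def triage(inventory):
    """Return [(host, product, version, advice)] for every affected entry."""
    hits = []
    for host, product, version in inventory:
        affected, advice = assess(product, version)
        if affected:
            hits.append((host, product, version, advice))
    return hits

# Constructed sample inventory for the demonstration (hostnames are made up).
SAMPLE_INVENTORY = [("fw-edge-1", "FortiOS", "7.6.2"), ("fw-edge-2", "FortiOS", "7.6.3"),
                    ("fw-legacy", "FortiOS", "7.0.15"), ("pam-1", "FortiPAM", "1.4.2"),
                    ("proxy-1", "FortiProxy", "7.4.4")]
```

Running `triage(SAMPLE_INVENTORY)` flags fw-edge-1, fw-legacy and pam-1 and leaves the two hosts already on fixed releases alone.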

Added: Oct 14, 2025, 4:22 PM
Updated: Oct 14, 2025, 10:48 PM

Vulnerability Rating

Custom Algorithm
spread: 6.8
impact: 7.5
exploitability: 4.9
remediation: 7.7
relevance: 0.7
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.