CWE-124

CVE-2023-25610

First published: Mon Mar 24 2025

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

Credit: psirt@fortinet.com

Affected Software   | Affected Version                                              | How to fix
FortiOS             | >=7.2.0 <=7.2.3; >=7.0.0 <=7.0.6; >=6.4.0 <=6.4.11; <=6.2.12 |
Fortinet FortiProxy | >=7.2.0 <=7.2.2; >=7.0.0 <=7.0.8; <=2.0.12                   |
Fortinet FortiOS    | >=6.4.0 <=6.4.10; >=6.2.0 <=6.2.10; <=6.2.10                 |
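As an added triage helper (not part of the advisory or any Fortinet tooling), the affected ranges from the description above and the fixed releases from the Remedy section below are encoded so a version string taken from a device can be checked against them; the product names and the 6.0.x branch bounds are assumptions derived from that text.

```python
import re

# Affected branches per product, taken from the advisory description:
# (lowest affected, highest affected, fixed release from the Remedy section).
# A None lower bound means "and below"; a None fix means the advisory lists no
# fixed release for that branch, so the remedy is moving to a fixed branch.
AFFECTED = {
    "FortiOS": [((7, 2, 0), (7, 2, 3), (7, 2, 4)),
                ((7, 0, 0), (7, 0, 6), (7, 0, 10)),
                ((6, 4, 0), (6, 4, 11), (6, 4, 12)),
                ((6, 0, 0), (6, 0, 16), (6, 0, 17)),   # 6.0.17 is listed as upcoming
                (None, (6, 2, 12), (6, 2, 13))],
    "FortiProxy": [((7, 2, 0), (7, 2, 2), (7, 2, 3)),
                   ((7, 0, 0), (7, 0, 8), (7, 0, 9)),
                   (None, (2, 0, 12), None)],
    "FortiOS-6K7K": [((7, 0, 5), (7, 0, 5), (7, 0, 10)),
                     ((6, 4, 0), (6, 4, 10), (6, 4, 12)),
                     ((6, 2, 0), (6, 2, 10), (6, 2, 13))],
}

def parse_version(text):
    """Pull the X.Y.Z triple out of strings such as 'v7.2.3' or 'FortiOS 7.0.6 build1575'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no X.Y.Z version found in {text!r}")
    return tuple(int(n) for n in m.groups())

def fmt(v):
    return ".".join(map(str, v))

def check(product, version_text):
    """Return (affected, fixed_release_or_None, remedy) for one device's version string."""
    v = parse_version(version_text)
    for low, high, fixed in AFFECTED[product]:
        if (low is None or low <= v) and v <= high:
            if fixed is None:
                return True, None, f"{product} {fmt(v)}: affected; no fixed release listed for this branch, move to a fixed branch"
            return True, fixed, f"{product} {fmt(v)}: affected; upgrade to {product} {fmt(fixed)} or above"
    return False, None, f"{product} {fmt(v)}: outside the advisory's affected ranges"

if __name__ == "__main__":
    for product, version in [("FortiOS", "v7.2.3"), ("FortiProxy", "2.0.12"), ("FortiOS", "7.4.0")]:
        print(check(product, version)[2])
```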

Remedy

  • Please upgrade to FortiOS version 7.4.0 or above
  • Please upgrade to FortiOS version 7.2.4 or above
  • Please upgrade to FortiOS version 7.0.10 or above
  • Please upgrade to FortiOS version 6.4.12 or above
  • Please upgrade to FortiOS version 6.2.13 or above
  • Please upgrade to FortiWeb version 7.2.2 or above
  • Please upgrade to FortiWeb version 7.0.7 or above
  • Please upgrade to FortiWeb version 6.4.3 or above
  • Please upgrade to FortiWeb version 6.3.23 or above
  • Please upgrade to FortiWeb version 6.2.8 or above
  • Please upgrade to FortiWeb version 6.1.4 or above
  • Please upgrade to upcoming FortiOS version 6.0.17 or above
  • Please upgrade to FortiSwitchManager version 7.2.2 or above
  • Please upgrade to FortiSwitchManager version 7.0.2 or above
  • Please upgrade to FortiProxy version 7.2.3 or above
  • Please upgrade to FortiProxy version 7.0.9 or above
  • Please upgrade to FortiManager version 7.2.1 or above
  • Please upgrade to FortiManager version 7.0.5 or above
  • Please upgrade to FortiManager version 6.4.12 or above
  • Please upgrade to FortiManager version 6.2.11 or above
  • Please upgrade to FortiManager version 6.0.12 or above
  • Please upgrade to FortiOS-6K7K version 7.0.10 or above
  • Please upgrade to FortiOS-6K7K version 6.4.12 or above
  • Please upgrade to FortiOS-6K7K version 6.2.13 or above
  • Please upgrade to FortiAnalyzer version 7.2.1 or above
  • Please upgrade to FortiAnalyzer version 7.0.5 or above
  • Please upgrade to FortiAnalyzer version 6.4.12 or above
  • Please upgrade to FortiAnalyzer version 6.2.11 or above
  • Please upgrade to FortiAnalyzer version 6.0.12 or above

Workaround for FortiOS:

Disable the HTTP/HTTPS administrative interface

OR

Limit the IP addresses that can reach the administrative interface:

```
config firewall address
    edit my_allowed_addresses
        set subnet <MY IP> <MY SUBNET>
end
```

Then create an Address Group:

```
config firewall addrgrp
    edit MGMT_IPs
        set member my_allowed_addresses
end
```

Create the Local-in Policy to restrict access only to the predefined group on the management interface (here: port1):

```
config firewall local-in-policy
    edit 1
        set intf port1
        set srcaddr MGMT_IPs
        set dstaddr all
        set action accept
        set service HTTPS HTTP
        set schedule always
        set status enable
    next
    edit 2
        set intf any
        set srcaddr all
        set dstaddr all
        set action deny
        set service HTTPS HTTP
        set schedule always
        set status enable
end
```

If using non-default ports, create appropriate service objects for GUI administrative access:

```
config firewall service custom
    edit GUI_HTTPS
        set tcp-portrange <admin-sport>
    next
    edit GUI_HTTP
        set tcp-portrange <admin-port>
end
```

Use these objects instead of "HTTPS HTTP" in local-in policies 1 and 2 above.

When using an HA reserved management interface, the local-in policy needs to be configured slightly differently; please see: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-a-local-in-policy-on-a-HA/ta-p/222005

Please contact customer support for assistance.

Workaround for FortiManager and FortiAnalyzer:

Limit the IP addresses that can reach the administrative interface.

Workaround for FortiWeb:

Disable the HTTP/HTTPS administrative interface

OR

Limit the IP addresses that can reach the administrative interface.
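As an added example (not Fortinet's code and not part of the advisory), a small audit of a `show firewall local-in-policy` dump that checks the FortiOS workaround is actually in effect: an enabled accept from a restricted address group ordered before an enabled catch-all deny, both covering the GUI services. The sample dump is constructed from the workaround's two policies, abridged to the settings the audit reads, and it is assumed that `status enable` is a default that `show` omits.

```python
import re

# Constructed sample (not from the page): the two workaround policies as a
# 'show firewall local-in-policy' dump, abridged to the settings read below.
# 'status enable' is assumed to be a default that 'show' omits, so a missing
# status must be read as enabled.
SAMPLE_CONFIG = """
config firewall local-in-policy
    edit 1
        set intf "port1"
        set srcaddr "MGMT_IPs"
        set action accept
        set service "HTTPS" "HTTP"
    next
    edit 2
        set intf "any"
        set srcaddr "all"
        set action deny
        set service "HTTPS" "HTTP"
    next
end
"""
GUI_SERVICES = {"HTTPS", "HTTP"}

def parse_local_in(show_output):
    """Policies of a 'show firewall local-in-policy' dump, in order, as {setting: [values]}."""
    policies, cur = [], None
    for line in (raw.strip() for raw in show_output.splitlines()):
        if line.startswith("edit "):
            cur = {"id": line[5:].strip('"')}
        elif line.startswith("set ") and cur is not None:
            key, _, val = line[4:].partition(" ")
            cur[key] = [v.strip('"') for v in re.findall(r'"[^"]*"|\S+', val)]
        elif line == "next" and cur is not None:
            policies.append(cur)
            cur = None
    return policies

def audit_gui_lockdown(show_output):
    """True only if an enabled accept from a restricted source precedes an enabled
    catch-all deny (srcaddr all, intf any), both covering the GUI services."""
    seen_restricted_accept = False
    for p in parse_local_in(show_output):
        if p.get("status", ["enable"]) != ["enable"] or not GUI_SERVICES & set(p.get("service", [])):
            continue  # disabled, or unrelated to HTTP/HTTPS: does not affect the lockdown
        if p.get("action") == ["accept"] and p.get("srcaddr") != ["all"]:
            seen_restricted_accept = True
        elif p.get("action") == ["deny"] and p.get("srcaddr") == ["all"] and p.get("intf") == ["any"]:
            return seen_restricted_accept
    return False
```

Policy order matters because local-in policies are evaluated top down; a deny placed before the accept, a disabled deny, or a deny bound to a single interface all fail the audit.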


Frequently Asked Questions

  • What is the severity of CVE-2023-25610?

    CVE-2023-25610 has been classified as a high severity vulnerability due to its potential to allow remote attackers to exploit buffer underwrite conditions.

  • How do I fix CVE-2023-25610?

    To mitigate CVE-2023-25610, upgrade your Fortinet FortiOS or FortiProxy to the latest patched versions recommended by Fortinet.

  • Which versions are affected by CVE-2023-25610?

    CVE-2023-25610 affects FortiOS versions from 6.2.12 to 7.2.3 and FortiProxy versions from 7.0.0 to 7.2.2.

  • Can CVE-2023-25610 impact my network security?

    Yes, CVE-2023-25610 can significantly compromise network security by allowing unauthorized access to the administrative interface.

  • Is CVE-2023-25610 easy to exploit?

    Exploitation of CVE-2023-25610 could be relatively straightforward for experienced attackers, making it critical to address promptly.

© 2025 SecAlerts Pty Ltd.