First published: Mon Mar 24 2025
CVE-2023-25610: A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below; FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8 and version 2.0.12 and below; and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Credit: psirt@fortinet.com
Affected Software | Affected Version | How to fix |
---|---|---|
FortiOS | 7.2.0 through 7.2.3; 7.0.0 through 7.0.6; 6.4.0 through 6.4.11; 6.2.12 and below | Upgrade to 7.2.4, 7.0.10, 6.4.12 or 6.2.13 or above (7.4.0 or above is also fixed) |
Fortinet FortiProxy | 7.2.0 through 7.2.2; 7.0.0 through 7.0.8; 2.0.12 and below | Upgrade to 7.2.3 or 7.0.9 or above |
Fortinet FortiOS-6K7K | 7.0.5; 6.4.0 through 6.4.10; 6.2.0 through 6.2.10 | Upgrade to 7.0.10, 6.4.12 or 6.2.13 or above |
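The affected ranges are per branch, so a fleet check has to compare versions branch by branch and numerically (as strings, '6.2.9' sorts after '6.2.12'). The following Python is an added example, not code from Fortinet or from this page: it transcribes the affected ranges and fixed releases listed on this page and checks version strings in the form `get system status` prints them (`v7.0.6,build0366`). The sample inventory, its hostnames and build numbers are constructed, and reading "6.2.12 and below" as also covering the 6.0 branch (whose fix the page lists as the upcoming 6.0.17) is an assumption.

```python
"""Check Fortinet version strings against the CVE-2023-25610 ranges on this page."""
import re

# (low, high, fixed_in) per affected branch, transcribed from the advisory table.
# Ranges are inclusive; (0, 0, 0) as "low" encodes "and below". fixed_in is None
# where the page lists no fixed release for that branch (FortiProxy 2.0.x: migrate).
AFFECTED = {
    "FortiOS": [
        ((7, 2, 0), (7, 2, 3), "7.2.4"),
        ((7, 0, 0), (7, 0, 6), "7.0.10"),
        ((6, 4, 0), (6, 4, 11), "6.4.12"),
        ((6, 2, 0), (6, 2, 12), "6.2.13"),
        # Assumption: "6.2.12 and below" also covers the 6.0 branch, whose fix
        # the page lists as the upcoming 6.0.17.
        ((0, 0, 0), (6, 0, 16), "6.0.17 (upcoming)"),
    ],
    "FortiProxy": [
        ((7, 2, 0), (7, 2, 2), "7.2.3"),
        ((7, 0, 0), (7, 0, 8), "7.0.9"),
        ((0, 0, 0), (2, 0, 12), None),
    ],
    "FortiOS-6K7K": [
        ((7, 0, 5), (7, 0, 5), "7.0.10"),
        ((6, 4, 0), (6, 4, 10), "6.4.12"),
        ((6, 2, 0), (6, 2, 10), "6.2.13"),
    ],
}


def parse_version(text):
    """Pull x.y.z out of strings like 'v7.0.6,build0366' and return an int tuple.

    Comparing int tuples avoids the string trap where '6.2.9' > '6.2.12'.
    """
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version found in {text!r}")
    return tuple(int(g) for g in m.groups())


def check(product, version_text):
    """Return (affected, fixed_in) for one device.

    Only the ranges the advisory lists count as affected: 7.0.7, for example,
    falls outside 7.0.0 through 7.0.6 and is reported as not affected.
    """
    ranges = AFFECTED.get(product)
    if ranges is None:
        raise ValueError(f"unknown product {product!r}")
    v = parse_version(version_text)
    for low, high, fixed_in in ranges:
        if low <= v <= high:
            return True, fixed_in
    return False, None


def audit(inventory):
    """inventory: iterable of (hostname, product, version_text).

    Returns one (hostname, product, version, remediation) tuple per affected device.
    """
    findings = []
    for host, product, version_text in inventory:
        affected, fixed_in = check(product, version_text)
        if affected:
            remediation = (f"upgrade to {fixed_in} or above" if fixed_in
                           else "no fixed release listed; migrate to a fixed branch")
            findings.append((host, product, version_text, remediation))
    return findings


# Constructed sample inventory (hostnames and build numbers are made up), in the
# form 'get system status' reports the firmware version.
SAMPLE_INVENTORY = [
    ("fw-edge-1", "FortiOS", "v7.0.6,build0366"),
    ("fw-edge-2", "FortiOS", "v7.0.10,build0450"),
    ("fw-dc-1", "FortiOS", "v6.2.12,build1300"),
    ("proxy-1", "FortiProxy", "v2.0.12,build0200"),
    ("chassis-1", "FortiOS-6K7K", "v7.0.5,build0300"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_INVENTORY):
        print(*finding, sep=" | ")
```

Feed it the version column of your asset inventory; anything it reports with "no fixed release listed" is a branch the advisory gives no patch for and has to be migrated rather than upgraded in place.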
## Solution

Please upgrade to a fixed release:

- FortiOS: version 7.4.0 or above, 7.2.4 or above, 7.0.10 or above, 6.4.12 or above, or 6.2.13 or above (for the 6.0 branch, upcoming FortiOS version 6.0.17 or above)
- FortiOS-6K7K: version 7.0.10 or above, 6.4.12 or above, or 6.2.13 or above
- FortiProxy: version 7.2.3 or above, or 7.0.9 or above
- FortiWeb: version 7.2.2, 7.0.7, 6.4.3, 6.3.23, 6.2.8 or 6.1.4 or above
- FortiSwitchManager: version 7.2.2 or above, or 7.0.2 or above
- FortiManager: version 7.2.1, 7.0.5, 6.4.12, 6.2.11 or 6.0.12 or above
- FortiAnalyzer: version 7.2.1, 7.0.5, 6.4.12, 6.2.11 or 6.0.12 or above

## Workaround for FortiOS:

Disable HTTP/HTTPS administrative interface

OR

Limit IP addresses that can reach the administrative interface. First define the allowed source addresses (replace the placeholders with your management subnet):

```
config firewall address
    edit my_allowed_addresses
        set subnet <MY IP> <MY SUBNET>
    end
```

Then create an Address Group:

```
config firewall addrgrp
    edit MGMT_IPs
        set member my_allowed_addresses
    end
```

Create the Local-in Policy to restrict access only to the predefined group on the management interface (here: port1):

```
config firewall local-in-policy
    edit 1
        set intf port1
        set srcaddr MGMT_IPs
        set dstaddr all
        set action accept
        set service HTTPS HTTP
        set schedule always
        set status enable
    next
    edit 2
        set intf any
        set srcaddr all
        set dstaddr all
        set action deny
        set service HTTPS HTTP
        set schedule always
        set status enable
    end
```

Policy 1 must stay above policy 2: local-in policies are evaluated top-down and the first match wins, so a deny placed before the accept would lock out the management subnet as well. Policy 2 uses `intf any`, so it also denies GUI access arriving on every other interface, which is the intent; without that catch-all deny, management traffic that matches no local-in policy is still allowed.

If using non-default ports, create appropriate service objects for GUI administrative access, where `<admin-sport>` and `<admin-port>` are the HTTPS and HTTP administrative ports configured under `config system global`:

```
config firewall service custom
    edit GUI_HTTPS
        set tcp-portrange <admin-sport>
    next
    edit GUI_HTTP
        set tcp-portrange <admin-port>
    end
```

Use these objects instead of "HTTPS HTTP" in local-in policies 1 and 2 above.

When using an HA reserved management interface, the local-in policy needs to be configured slightly differently - please see: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-a-local-in-policy-on-a-HA/ta-p/222005

Please contact customer support for assistance.

## Workaround for FortiManager and FortiAnalyzer:

Limit IP addresses that can reach the administrative interface

## Workaround for FortiWeb:

Disable HTTP/HTTPS administrative interface

OR

Limit IP addresses that can reach the administrative interface
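Applying the FortiOS workaround is one thing; confirming it is actually in place across a fleet is another. The following Python is an added example, not code from Fortinet or from this page: it parses the text that `show firewall local-in-policy` prints and flags the mistakes that leave the GUI exposed (an accept rule whose source is `all`, no catch-all deny, or a deny ordered ahead of the accept it is meant to backstop). The sample configurations are constructed; the service names, `MGMT_IPs` and `port1` follow the workaround text, and the treatment of a missing `action` as deny is an assumption made on the safe side.

```python
"""Audit FortiOS 'show firewall local-in-policy' output for the admin-access workaround."""
import shlex

# Service object names that carry GUI admin traffic. If you created the custom
# GUI_HTTPS/GUI_HTTP objects for non-default ports, add those names here.
ADMIN_SERVICES = {"HTTP", "HTTPS"}


def parse_local_in_policies(text):
    """Parse 'config firewall local-in-policy' output into an ordered list of dicts.

    'set <key> <values...>' becomes key -> list of values with quotes stripped;
    'pos' records evaluation order, which is what first-match semantics depend on.
    """
    policies, current = [], None
    for raw in text.splitlines():
        tokens = shlex.split(raw.strip())
        if not tokens or tokens[0] in ("config", "end"):
            continue
        if tokens[0] == "edit":
            current = {"id": tokens[1], "pos": len(policies)}
        elif tokens[0] == "set" and current is not None:
            current[tokens[1]] = tokens[2:]
        elif tokens[0] == "next" and current is not None:
            policies.append(current)
            current = None
    return policies


def audit_admin_access(policies, mgmt_intf="port1", admin_services=ADMIN_SERVICES):
    """Return a list of findings; an empty list means the workaround is in place.

    'show' omits default values, so a missing 'status' is read as enable.
    Assumption: a missing 'action' is read as deny (the safe direction here).
    """
    findings = []
    relevant = [p for p in policies
                if p.get("status", ["enable"])[0] == "enable"
                and admin_services & set(p.get("service", []))]
    accepts = [p for p in relevant if p.get("action", ["deny"])[0] == "accept"]
    catch_all = [p for p in relevant
                 if p.get("action", ["deny"])[0] == "deny"
                 and "all" in p.get("srcaddr", []) and "any" in p.get("intf", [])]

    for p in accepts:
        if "all" in p.get("srcaddr", []):
            findings.append(f"policy {p['id']} accepts admin services from any source")

    if not catch_all:
        findings.append("no catch-all deny for admin services; local-in traffic that "
                        "matches no policy is implicitly allowed")
    else:
        # Top-down, first match wins: the deny must sit below every accept it backstops.
        for p in accepts:
            if p["pos"] > catch_all[0]["pos"]:
                findings.append(f"accept policy {p['id']} is shadowed by "
                                f"deny policy {catch_all[0]['id']}")

    restricted = [p for p in accepts
                  if mgmt_intf in p.get("intf", []) and "all" not in p.get("srcaddr", [])]
    if not restricted:
        findings.append(f"no source-restricted accept policy for admin services on {mgmt_intf}")
    return findings


# Constructed sample: the workaround as FortiOS echoes it back (values quoted).
SAMPLE_GOOD = """
config firewall local-in-policy
    edit 1
        set intf "port1"
        set srcaddr "MGMT_IPs"
        set dstaddr "all"
        set action accept
        set service "HTTPS" "HTTP"
    next
    edit 2
        set intf "any"
        set srcaddr "all"
        set dstaddr "all"
        set action deny
        set service "HTTPS" "HTTP"
    next
end
"""

# Constructed sample of a common mistake: only the accept rule was added, so
# nothing is actually blocked.
SAMPLE_MISSING_DENY = """
config firewall local-in-policy
    edit 1
        set intf "port1"
        set srcaddr "MGMT_IPs"
        set dstaddr "all"
        set action accept
        set service "HTTPS" "HTTP"
    next
end
"""

if __name__ == "__main__":
    for name, cfg in (("good", SAMPLE_GOOD), ("missing-deny", SAMPLE_MISSING_DENY)):
        print(name, audit_admin_access(parse_local_in_policies(cfg)) or "OK")
```

Run it over the saved output of `show firewall local-in-policy` from each device; a non-empty result is a unit that still has the administrative interface reachable from outside the management subnet.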
CVE-2023-25610 is rated critical: the flaw is reachable by a remote, unauthenticated attacker and can result in arbitrary code execution on the device (NVD CVSS v3.1 base score 9.8).
To mitigate CVE-2023-25610, upgrade FortiOS, FortiOS-6K7K or FortiProxy to the fixed versions listed above; until that is done, disable the HTTP/HTTPS administrative interface or restrict it to trusted source addresses with a local-in policy as described in the workaround.
CVE-2023-25610 affects FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.6, 6.4.0 through 6.4.11 and 6.2.12 and below; FortiProxy 7.2.0 through 7.2.2, 7.0.0 through 7.0.8 and 2.0.12 and below; and FortiOS-6K7K 7.0.5, 6.4.0 through 6.4.10 and 6.2.0 through 6.2.10. The ranges are per branch, not one span from 6.2.12 to 7.2.3: a release such as 7.0.7 lies outside the listed 7.0.0 through 7.0.6 range.
Because the bug sits in the administrative interface and needs no credentials, a successful exploit gives the attacker code execution on the firewall itself, not merely a view of a management page; any device whose management interface is reachable from untrusted networks should be treated as exposed.
Exploitation requires no authentication or user interaction, only network reachability to the HTTP/HTTPS administrative interface, so patching or restricting management access should not be deferred.