Fortinet has rolled out patches to address a critical security flaw in FortiClientLinux that could be exploited to achieve arbitrary code execution. The vulnerability, tracked as CVE-2023-45590, carries a CVSS score of 9.4 out of a maximum of 10. It is described as an “Improper Control of Generation of Code (‘Code Injection’) vulnerability [CWE-94]” in FortiClientLinux.
This vulnerability could allow an unauthenticated attacker to execute arbitrary code by tricking a FortiClientLinux user into visiting a malicious website. The flaw impacts FortiClientLinux versions 7.0.3 through 7.0.4 and 7.0.6 through 7.0.10, and users are advised to upgrade to version 7.0.11 or above. It also affects FortiClientLinux version 7.2.0, with the recommendation to upgrade to version 7.2.1 or above.
In addition to the FortiClientLinux vulnerability, Fortinet’s security patches for April 2024 also address an issue with the FortiClientMac installer that could lead to code execution (CVE-2023-45588 and CVE-2024-31492, CVSS scores: 7.8). A bug in FortiOS and FortiProxy that could leak administrator cookies in certain scenarios (CVE-2023-41677, CVSS score: 7.5) has also been resolved. While there is no evidence of any of these flaws being exploited in the wild, it is recommended that users keep their systems up-to-date to mitigate potential threats.
Reference:
