Fortinet FortiClientLinux is vulnerable to a critical severity flaw being tracked as CVE-2023-45590. Successful exploitation of the vulnerability may allow an attacker to execute arbitrary code on the affected systems. To exploit this improper code injection flaw, an attacker must trick a FortiClientLinux user into visiting a malicious website.
FortiClient is a web application firewall that provides remote web filtering, botnet protection, and application traffic control. It is available for installation on Linux operating systems such as Ubuntu, CentOS, and Red Hat. It provides protection, compliance, and secure access and communicates with the Fortinet Security Fabric to provide information, visibility, and control.
Affected Versions
- FortiClientLinux 7.2.1 or above
- FortiClientLinux 7.0.6 through 7.0.10
- FortiClientLinux 7.0.3 through 7.0.4
Mitigation
Customers are advised to upgrade to the following versions to patch the vulnerability:
- FortiClientLinux 7.2.1 or above
- FortiClientLinux 7.0.11 or above
- FortiClientLinux 7.0.11 or above
Please refer to the Fortinet PSIRT Advisory (FG-IR-23-087) for more information.
Qualys Detection
Qualys customers can scan their devices with QID 379606 to detect vulnerable assets.
Please continue to follow Qualys Threat Protection for more coverage of the latest vulnerabilities.
References
https://fortiguard.fortinet.com/psirt/FG-IR-23-087