Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

Fortinet has patched 15 vulnerabilities in a variety of its products, including CVE-2023-25610, a critical flaw affecting devices running FortiOS and FortiProxy.

Discovered by Fortinet infosec engineer Kai Ni, CVE-2023-25610 is a buffer underwrite vulnerability found in the FortiOS and FortiProxy administrative interface.

Some hardware devices running a vulnerable FortiOS version are only impacted by the the DoS part of the issue, and those are listed in the security advisory.

FortiOS version 7.4.0 or above, 7.2.4 or above, 7.0.10 or above, 6.4.12 or above, or 6.2.13 or above.

FortiProxy version 7.2.3 or above, 7.0.9 or above, or 2.0.12 or above.

FortiOS-6K7K version 7.0.10 or above, 6.4.12 or above, or 6.2.13 or above.

Share this article on social media:

Subscribe to Our Newsletter!
Stay on top of cybersecurity risks, evolving threats and industry news.
This field is for validation purposes and should be left unchanged.

Recent News

Featured Services

The Latest Cybersecurity News

From major cyberattacks, newly discovered critical vulnerabilities to recommended best practices, read it here first:

BOOK A MEETING

Enter your Email Address

This field is for validation purposes and should be left unchanged.

* No free email provider (e.g: gmail.com, hotmail.com, etc.)

This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.