Database activity monitoring specialists reported the finding of two security vulnerabilities in FortiSIEM Windows Agent and FortiAnalyzer, two products developed by Fortinet. Successful exploitation of these flaws would allow attacks such as cross-site scripting (XSS) and privilege escalation.
Below are brief descriptions of the reported vulnerabilities, along with their respective scores and tracking keys according to the Common Vulnerability Scoring System (CVSS).
CVE-2020-9292: This vulnerability exists because some services have an unquoted service path, which could lead to privilege escalation attacks on the target system.
A threat actor could obtain elevated privileges through the AoWingAgt service path. The flaw affects FortiSIEM Windows Agent version 3.1.2 and received a CVSS score of 8.5/10, so it is considered a high-severity vulnerability.
While this flaw could be exploited by unauthenticated remote threat actors, database activity monitoring experts report that no exploit is known to trigger this attack.
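The unquoted-service-path weakness behind CVE-2020-9292 can be audited on any Windows host before a patch is applied. The following script is an added example written for this article, not Fortinet's code or an IICS tool: it reads service `ImagePath` values (constructed sample values are embedded so it also runs offline; the `AoWingAgt` path shown is hypothetical, not the product's real install location), flags entries that are unquoted and contain spaces, and lists the directories whose write ACLs an administrator should review because Windows would probe them when starting the service.

```python
import sys

# Constructed sample ImagePath values, in the form they have under
# HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath.
# The AoWingAgt entry is a hypothetical illustration, not the real path.
SAMPLE_SERVICES = {
    "AoWingAgt": r"C:\Program Files\Example Vendor\Agent\AoWingAgt.exe -run",
    "QuotedAgent": r'"C:\Program Files\Example Vendor\Agent\quoted.exe" -run',
    "Spooler": r"C:\Windows\System32\spoolsv.exe",
    "SharedSvc": r"C:\Windows\system32\svchost.exe -k netsvcs -p",
}


def executable_part(image_path):
    """Return the executable portion of an ImagePath with arguments stripped.

    A quoted path ends at the closing quote; an unquoted one is cut at the
    end of the first '.exe' (falling back to the first space-delimited token).
    """
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        return s[1:end] if end != -1 else s[1:]
    idx = s.lower().find(".exe")
    return s[: idx + 4] if idx != -1 else s.split(" ")[0]


def is_unquoted_with_spaces(image_path):
    """True when the path is unquoted and its executable part contains a space."""
    s = image_path.strip()
    return not s.startswith('"') and " " in executable_part(s)


def probe_candidates(image_path):
    """Executables Windows would try, in order, for an unquoted path with
    spaces: each space-delimited prefix with '.exe' appended, then the full
    path. The parent directory of each candidate must not be writable by
    unprivileged users."""
    exe = executable_part(image_path)
    parts = exe.split(" ")
    candidates = [" ".join(parts[:i]) + ".exe" for i in range(1, len(parts))]
    candidates.append(exe)
    return candidates


def audit_services(services):
    """Map each vulnerable service name to the list of probed candidates."""
    return {
        name: probe_candidates(path)
        for name, path in services.items()
        if is_unquoted_with_spaces(path)
    }


def load_from_registry():
    """On Windows, collect ImagePath values from the live Services key.
    Services without an ImagePath value are skipped."""
    import winreg  # only available on Windows

    services = {}
    root = r"SYSTEM\CurrentControlSet\Services"
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, root) as key:
        count = winreg.QueryInfoKey(key)[0]
        for i in range(count):
            name = winreg.EnumKey(key, i)
            try:
                with winreg.OpenKey(key, name) as sub:
                    value, _ = winreg.QueryValueEx(sub, "ImagePath")
                services[name] = str(value)
            except OSError:
                continue
    return services


if __name__ == "__main__":
    data = load_from_registry() if sys.platform == "win32" else SAMPLE_SERVICES
    for svc, cands in audit_services(data).items():
        print(f"[!] {svc}: unquoted service path with spaces")
        for c in cands:
            print(f"    would probe: {c}")
```

Run as-is on a Windows host it audits the real service list; elsewhere it falls back to the constructed samples, where only `AoWingAgt` is reported. The standard remediation for a flagged service is to wrap the path in quotes, for example with `sc config <service> binPath= "\"C:\path with spaces\agent.exe\" -run"`, and to confirm that none of the probed parent directories grants write access to standard users.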
CVE-2020-6640: This vulnerability exists due to insufficient sanitization of user-supplied data passed through the Description Area, which could lead to a cross-site scripting (XSS) attack. The flaw is found in the following versions of FortiAnalyzer: 6.2.0, 6.2.1, 6.2.2, and 6.2.3.
Remote hackers could inject and execute arbitrary HTML and script code in the user's browser in the context of a vulnerable website. Successful exploitation of this vulnerability would allow a remote threat actor to extract potentially sensitive information, deface the attacked website, or perform phishing attacks, database activity monitoring specialists mention.
This flaw received a score of 5.6/10 on the CVSS scale, so it is considered a low-severity vulnerability. As in the previous case, this vulnerability could be exploited remotely by unauthenticated hackers, although so far no exploit has been detected to trigger this attack.
Fortinet acknowledged the report and announced that updates would be released immediately after receiving it; the security patches were finally released this week, so users of affected deployments only need to verify that their installation is up to date.
For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to visit the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching new malware and cyber security incidents. He also has deep knowledge of mobile security and mobile vulnerabilities.