Cybersecurity specialists reported two critical vulnerabilities in some products from Fortinet, a leading developer of cybersecurity software, devices and services such as firewalls and antivirus, among other solutions. According to the report, successful exploitation of these flaws would allow attackers to circumvent security mechanisms on the affected systems.
Below are brief descriptions of the reported flaws, along with their identifiers and scores under the Common Vulnerability Scoring System (CVSS).
CVE-2020-15937: Insufficient sanitization of user-supplied data in the FortiGate IPS and WAF logs pane would allow threat actors to inject and execute arbitrary HTML and script code in the context of a vulnerable website.
The flaw received a score of 6.3/10 and its successful exploitation would allow the theft of potentially confidential information, modification of the appearance of a website and even the deployment of phishing attacks.
The vulnerability affects the following versions of FortiGate: 6.2.0, 6.2.1, 6.2.2, 6.2.3, 6.2.4, 6.2.5, 6.4.0, 6.4.1.
CVE-2020-9295: This flaw affects the Fortinet AV engine and exists because the affected software may not immediately detect some malformed RAR files, which could allow malicious files to get through.
The flaw received a score of 6.4/10, and threat actors could exploit it to circumvent the implemented security restrictions and escalate privileges on vulnerable systems.
The vulnerability affects the following products:
- FortiOS: 6.2.0, 6.4.0
- AV engine: 6.00137, 6.00142, 6.00144, before 6.00145, 6.00243
- Fortinet FortiClient: 6.2.0, 6.4.0
While these flaws can be exploited by remote threat actors, specialists have not detected attempts at active exploitation or the existence of a malware variant associated with the attack.
Security patches are now ready, so users of vulnerable installations are advised to update as soon as possible.