Alert GCSA-25052 - Multiple vulnerabilities in Fortinet products
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
Alert ID: GCSA-25052
Date: 09 April 2025
Title: Multiple vulnerabilities in Fortinet products
******************************************************************
:: Problem description
Fortinet has released updates to fix several
vulnerabilities present in its products:
FG-IR-23-165 Use of uninitialized resource in SSLVPN websocket
FG-IR-24-392 OS command injection on gen-ca-cert command
FG-IR-24-435 Unverified password change via set_password endpoint
FG-IR-24-046 No certificate name verification for fgfm connection
FG-IR-24-397 OS command injection on diagnose feature (GUI)
FG-IR-24-453 Log Pollution via login page
FG-IR-24-111 LDAP Clear-text credentials retrievable with IP modification
FG-IR-24-184 Incorrect user management in widgets dashboard
FG-IR-23-344 EMS can send javascript code to client through messages
FG-IR-24-474 Directory Traversal
More information is available in the "References" section.
:: Affected software / technologies
FortiAnalyzer
FortiClientEMS
FortiIsolator
FortiManager
FortiOS
FortiProxy
FortiSwitch
FortiVoice
FortiWeb
:: Impact
Remote execution of arbitrary code (RCE)
Elevation of privilege (EoP)
Security restriction bypass (SRB)
Denial of Service (DoS)
Information disclosure (ID)
Provide Misleading Information (Spoofing)
Data manipulation (DM)
:: Solutions
Apply the updates released by the vendor:
https://fortiguard.fortinet.com/psirt/FG-IR-23-165
https://fortiguard.fortinet.com/psirt/FG-IR-24-392
https://fortiguard.fortinet.com/psirt/FG-IR-24-435
https://fortiguard.fortinet.com/psirt/FG-IR-24-046
https://fortiguard.fortinet.com/psirt/FG-IR-24-397
https://fortiguard.fortinet.com/psirt/FG-IR-24-453
https://fortiguard.fortinet.com/psirt/FG-IR-24-111
https://fortiguard.fortinet.com/psirt/FG-IR-24-184
https://fortiguard.fortinet.com/psirt/FG-IR-23-344
https://fortiguard.fortinet.com/psirt/FG-IR-24-474
:: References
Fortinet
https://www.fortiguard.com/psirt
Mitre CVE
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-37930
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26013
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-32122
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-46671
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-48887
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-50565
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-52962
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-54025
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-22855
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-25254
GARR CERT Security Alert - subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iGsEAREIACsWIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCZ/YzSg0cY2VydEBnYXJy
Lml0AAoJEMGcTJNlEmBCtHYAn0Rd5zZFea/DuXFzHiFgkrgxu/4nAKDIx5gQaXgo
314dYBsAyNvodhesNw==
=mnnN
-----END PGP SIGNATURE-----