FortiOS Security Fabric Vulnerability Enabled Escalated Privileges to Super-Admin

Well, this isn’t good. News is out via this link that an incorrect privilege assignment vulnerability [CWE-266] in the FortiOS Security Fabric may allow an authenticated admin whose access profile has the Security Fabric permission to escalate their privileges to super-admin by connecting the targeted FortiGate to a malicious upstream FortiGate they control.
Jim Routh, Chief Trust Officer at cybersecurity company Saviynt, commented:
“The FortiOS Security Fabric Vulnerability that was patched is an excellent example of the value to a critical software provider in pen testing applications performed by an internal or external resource. In this case, a Fortinet employee, Justin Lum, discovered the vulnerability and initiated a process to produce the necessary patches to the impacted software versions.
- FortiOS 7.6.0
- FortiOS 7.4.0–7.4.4
- FortiOS 7.2.0–7.2.9
- FortiOS 7.0.0–7.0.15
- FortiOS 6.4 (all versions; requires migration)
The primary purpose of the FortiOS Security Fabric is to make it easier for enterprise administrators to configure the software for optimal usage across Fortinet software modules. Fortinet is a market leading (20%) provider of firewall technology for enterprises large and small. They also offer enterprises additional network management software like SD-WAN components.
The potential for exploitability for a set of cyber security capabilities designed to protect enterprises reaches a critical threshold with “super admin” privileged access, once the vulnerability is exploited by a threat actor. Threat actors dream about and strive for obtaining “super admin” privilege especially for software designed to protect enterprises.”
The link above, as well as this link, have all the details to make sure that you don’t get pwned. Thus it is now time to patch all the things.
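If you run more than a handful of FortiGates, the first question is which of them sit inside the affected ranges listed above. The script below is an added example, not code from the post or from Fortinet: it transcribes the affected ranges from the list above into inclusive version tuples and checks the `Version:` line that `get system status` prints against them. The hostnames, build numbers and status lines in `SAMPLE_STATUS` are constructed for this example; the `v7.4.3,buildNNNN` shape is assumed to match what your units print, so adjust the regex if yours differ.

```python
"""Flag FortiGates whose FortiOS build falls inside the affected ranges
for the Security Fabric privilege-escalation bug.

Added example, not from the original post or Fortinet. Ranges are transcribed
from the list in the post; all sample data below is constructed.
"""
import re

# (first_affected, last_affected), inclusive, per the post's list.
# 6.4 is "all versions" with no fixed release, so any 6.4.x patch level is affected.
AFFECTED_RANGES = [
    ((7, 6, 0), (7, 6, 0)),
    ((7, 4, 0), (7, 4, 4)),
    ((7, 2, 0), (7, 2, 9)),
    ((7, 0, 0), (7, 0, 15)),
    ((6, 4, 0), (6, 4, 999)),   # "all versions"
]

# Matches "v7.4.3" inside a status line, or a bare "7.4.3".
VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Return (major, minor, patch) from a 'get system status' Version line or a bare version."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no FortiOS version found in: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(version):
    """True if the (major, minor, patch) tuple lies in any affected range (inclusive)."""
    return any(lo <= version <= hi for lo, hi in AFFECTED_RANGES)


def assess(status_by_host):
    """Map hostname -> (version string, affected?) for a batch of status outputs."""
    result = {}
    for host, line in status_by_host.items():
        ver = parse_version(line)
        result[host] = (".".join(map(str, ver)), is_affected(ver))
    return result


# Constructed sample output; hostnames and build numbers are made up for this example.
SAMPLE_STATUS = {
    "fw-edge-01":   "Version: FortiGate-100F v7.4.3,build0001,240101 (GA.F)",
    "fw-edge-02":   "Version: FortiGate-100F v7.4.5,build0002,240401 (GA.F)",
    "fw-branch-07": "Version: FortiGate-60F v6.4.15,build0003,240101 (GA.M)",
    "fw-lab-01":    "Version: FortiGate-VM64 v7.6.1,build0004,241101 (GA.F)",
}

if __name__ == "__main__":
    for host, (ver, hit) in assess(SAMPLE_STATUS).items():
        print(f"{host:14} {ver:8} {'AFFECTED - patch' if hit else 'ok'}")
```

Feed it the `Version:` line from each unit (or from your inventory export) and patch whatever comes back flagged. Until a unit is patched, the precondition in the advisory text is the thing to control: an admin account whose access profile carries the Security Fabric permission, so review which profiles grant it and to whom.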
This entry was posted on February 12, 2025 at 3:55 pm and is filed under Commentary with tags Fortinet. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.