Fortinet has released security updates to address 40 vulnerabilities, including two rated Critical, in its software lineup.
The 40 flaws impact FortiWeb, FortiOS, FortiNAC, and FortiProxy, among others. The most severe bug, residing in the FortiNAC network access control solution (CVE-2022-39952, CVSS score: 9.8), could lead to arbitrary code execution.
"An external control of file name or path vulnerability [CWE-73] in FortiNAC web server may allow an unauthenticated attacker to perform arbitrary write on the system," Fortinet said in an advisory earlier this week.
Patches have been released in FortiNAC versions 7.2.0, 9.1.8, 9.1.8, and 9.1.8. Penetration testing firm Horizon3.ai said it plans to release a proof-of-concept (PoC) code for the flaw "soon," making it imperative that users move quickly to apply the updates.
The second flaw of note is a set of stack-based buffer overflow in FortiWeb's proxy daemon (CVE-2021-42756, CVSS score: 9.3) that could enable an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests. CVE-2021-42756 affects the below versions of FortiWeb, with fixes available in versions FortiWeb 6.0.8, 6.1.3, 6.2.7, 6.3.17, and 7.0.0