CVE-2023-33308
published 2023-07-26CVE-2023-33308: A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through…
PriorityP270critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.87%
76.8th percentile
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortios | — | — |
| fortinet | fortios | 7.0.0 – 7.0.10 | — |
| fortinet | fortios | 7.2.0 – 7.2.3 | — |
| fortinet | fortiproxy | — | — |
| fortinet | fortiproxy | — | — |
| fortinet | fortiproxy | — | — |
| fortinet | fortiproxy | — | — |
| fortinet | fortiproxy | 7.0.0 – 7.0.9 | — |
| fortinet | fortiproxy | 7.2.0 – 7.2.2 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Target traffic reaching proxy policies or firewall policies configured with proxy mode alongside deep or full packet inspection — crafted packets exploiting this vector should be monitored at the perimeter ↗
- →Unauthenticated remote exploitation — no credentials required; monitor for unexpected code execution or crashes originating from FortiOS/FortiProxy proxy inspection processes ↗
- ·Vulnerability is only exploitable when proxy mode is enabled on firewall or proxy policies AND deep inspection or full packet inspection is also enabled — both conditions must be present for the attack surface to exist ↗
- ·Affected FortiOS versions: 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3; Affected FortiProxy versions: 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 — devices outside these ranges are not affected by this specific CVE ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
cisa_ics·2024-03-14
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
ICS Advisory
##
Siemens RUGGEDCOM APE1808 with Fortigate NGFW Devices
Release DateMarch 14, 2024
Alert CodeICSA-24-074-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: RUGGEDCOM APE1808 devices
- Vulnerabilities: Improper Certificate Validation, Cleartext Transmission of Sensitive Information, Path Traversal, Exposure of Sensitive Information to an Unauthorized
Fortinet
Proxy mode with deep inspection - Stack-based buffer overflow
vendor_fortinet·2023-07-26·CVSS 9.8
CVE-2023-33308 [CRITICAL] CWE-121 Proxy mode with deep inspection - Stack-based buffer overflow
FG-IR-23-183: Proxy mode with deep inspection - Stack-based buffer overflow
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
CVEs: CVE-2023-33308
CWEs: CWE-121, CWE-787
CVSS: 9.8 (critical)
Affected products: FortiOS, FortiProxy, Fortinet
GHSA
GHSA-h3gf-whgg-wh93: A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7
ghsa_unreviewed·2023-07-26
CVE-2023-33308 [CRITICAL] CWE-121 GHSA-h3gf-whgg-wh93: A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-07-26
Published