CVE-2023-36554
published 2024-03-12

Priority: P2 60
Severity: critical (CVSS 3.1 base score 9.8)
CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.77% (50.8th percentile)
An improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, and 6.2 all versions allows an attacker to execute unauthorized code or commands via specially crafted HTTP requests.

Affected (7 ranges)

Vendor     Product        Version range      Fixed in
fortinet   fortimanager   (not listed)       (not listed)
fortinet   fortimanager   (not listed)       (not listed)
fortinet   fortimanager   6.2.0 – 6.2.12     (not listed)
fortinet   fortimanager   6.4.0 – 6.4.13     (not listed)
fortinet   fortimanager   7.0.0 – 7.0.10     (not listed)
fortinet   fortimanager   7.2.0 – 7.2.3      (not listed)
fortinet   fortinet       (not listed)       (not listed)

Detection & IOCs (extracted from sources)

  • Exploit vector is via specially crafted HTTP requests targeting backup and restore features in FortiManager; monitor for unauthorized HTTP requests to FortiManager backup/restore endpoints
  • The vulnerability is an improper access control (CWE-284) in FortiManager backup and restore features; monitor for unauthenticated or unauthorized access attempts to these specific functional areas
  • Affected versions span a wide range: FortiManager 7.4.0, 7.2.0–7.2.3, 7.0.0–7.0.10, 6.4.0–6.4.13, and all 6.2.x versions; ensure detection coverage applies to all deployed versions in this range