-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3004
                           FortiOS Vulnerabilities
                              8 September 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           FortiOS
Publisher:         FortiGuard Labs
Operating System:  Network Appliance
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account
                   Access Confidential Data        -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-36169 CVE-2021-32600
Original Bulletin:
   https://fortiguard.com/psirt/FG-IR-20-243
   https://fortiguard.com/psirt/FG-IR-21-091

Comment: This bulletin contains two (2) FortiGuard Labs security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

FortiOS - Disclosure of other VDOMs information through CLI commands

IR Number    : FG-IR-20-243
Date         : Sep 7, 2021
Risk         : 3/5
CVSSv3 Score : 4.9
Impact       : Information disclosure
CVE ID       : CVE-2021-32600

Affected Products:
FortiOS: 7.0.0, 6.4.6, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.9, 6.2.8,
6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.9, 6.0.8, 6.0.7,
6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.13, 6.0.12, 6.0.11, 6.0.10, 6.0.1, 6.0.0,
5.6.9, 5.6.8, 5.6.7, 5.6.6, 5.6.5, 5.6.4, 5.6.3, 5.6.2, 5.6.14, 5.6.13, 5.6.12,
5.6.11, 5.6.10, 5.6.1, 5.6.0

Summary

An exposure of sensitive information to an unauthorized actor vulnerability in
the FortiOS CLI may allow a local, authenticated user assigned to a specific
VDOM to retrieve other VDOMs' information, such as the admin account list and
the network interface list.

Affected Products

FortiOS 7.0.0
FortiOS 6.4.6 and below
FortiOS 6.2.x
FortiOS 6.0.x
FortiOS 5.6.x

Solutions

Please upgrade to FortiOS 7.0.1 or above.
Please upgrade to FortiOS 6.4.7 or above.

Acknowledgement

Fortinet is pleased to thank Shaun Farrow for reporting this vulnerability
under responsible disclosure.

- --------------------------------------------------------------------------------

FortiOS - debug commands allow memory manipulation

IR Number    : FG-IR-21-091
Date         : Sep 7, 2021
Risk         : 3/5
CVSSv3 Score : 4
Impact       : Execute unauthorized code or commands
CVE ID       : CVE-2021-36169

Affected Products:
FortiOS: 7.0.0, 6.4.6, 6.2.9

Summary

A debug functionality in FortiGate may allow a privileged user to execute
unauthorized code or commands via specific chains of `print str` and `cmd mem`
CLI commands to, respectively, read and write hexadecimal values to any memory
address.

Affected Products

Any FortiGate version 7.0.0 or below is impacted.
Any FortiGate version 6.4.6 or below is impacted.
Any FortiGate version 6.2.9 or below is impacted.

Solutions

Upgrade FortiGate firmware to any version greater than or equal to 7.0.1.
Upgrade FortiGate firmware to any version greater than or equal to 6.4.7.

Acknowledgement

Fortinet is pleased to thank the Orange CERT-CC team for reporting this
vulnerability under responsible disclosure.

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If you do
not know who that is, please send an email to auscert@auscert.org.au and we
will forward your request to the appropriate person.

NOTE: Third Party Rights

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may not
be updated when updates to the original are made. If downloading at a later
date, it is recommended that the bulletin is retrieved directly from the
author's website to ensure that the information is still current.

Contact information for the authors of the original document is included in
the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
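The two advisories above give affected branches and fixed releases but no single check a fleet operator can run. The following is an added example, not part of the bulletin or Fortinet's tooling: it encodes the version ranges and fixes exactly as the bulletin states them (7.0.1 and 6.4.7 as the only listed fixes; 6.2.x, 6.0.x and 5.6.x listed as affected with no fix given) and triages a constructed inventory of FortiGate builds against them. Hostnames and versions in the sample inventory are made up.

```python
# Triage a FortiGate inventory against ESB-2021.3004 (FG-IR-20-243, FG-IR-21-091).
# Affected branches and fixed releases come from the bulletin text; anything
# outside those branches is reported as not covered rather than guessed.
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]
Branch = Tuple[int, int]

# advisory -> (first fixed release per branch, branches listed as affected with no fix given)
ADVISORIES: Dict[str, Tuple[Dict[Branch, Version], Tuple[Branch, ...]]] = {
    "FG-IR-20-243 / CVE-2021-32600": ({(7, 0): (7, 0, 1), (6, 4): (6, 4, 7)},
                                      ((6, 2), (6, 0), (5, 6))),
    "FG-IR-21-091 / CVE-2021-36169": ({(7, 0): (7, 0, 1), (6, 4): (6, 4, 7)},
                                      ((6, 2),)),
}

def parse_version(text: str) -> Version:
    """'v6.4.6' -> (6, 4, 6); rejects anything that is not three numeric fields."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiOS version: {text!r}")
    return (int(parts[0]), int(parts[1]), int(parts[2]))

def assess(version: str) -> Dict[str, str]:
    """Per advisory: 'fixed', an upgrade instruction, or why the bulletin gives none."""
    v = parse_version(version)
    branch = (v[0], v[1])
    verdict: Dict[str, str] = {}
    for ir, (fixed_in, no_fix_branches) in ADVISORIES.items():
        if branch in fixed_in:
            fixed = fixed_in[branch]
            verdict[ir] = ("fixed" if v >= fixed
                           else "affected, upgrade to %d.%d.%d or later" % fixed)
        elif branch in no_fix_branches:
            verdict[ir] = "affected, no fixed release listed in this bulletin"
        else:
            verdict[ir] = "branch not covered by this bulletin"
    return verdict

def triage(inventory: Dict[str, str]) -> List[Tuple[str, str, str]]:
    """Rows (host, advisory, verdict) for every device that still needs action."""
    return [(host, ir, verdict)
            for host, version in sorted(inventory.items())
            for ir, verdict in assess(version).items()
            if verdict != "fixed"]

# Constructed sample inventory; hostnames and builds are made up for this example.
SAMPLE_INVENTORY = {"fw-edge-1": "7.0.0", "fw-edge-2": "6.4.7",
                    "fw-dc-1": "6.2.9", "fw-lab": "7.0.1"}
```

Feed `triage()` the version strings from your own asset register; anything that comes back as "not covered" should be checked against the vendor pages linked in the bulletin rather than assumed safe.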