Critical Security Flaws Detected in SonicWall and Fortinet Network Security Tools

Critical Security Flaws Detected in SonicWall and Fortinet Network Security Tools

Date: July 13, 2023 | Network Security / Vulnerability

SonicWall and Fortinet, the network security giants, have recently alerted their clients about multiple security breaches found in their firewall management and network reporting engine tools – the Global Management System (GMS) and Analytics respectively. The company strongly advises their users to install the latest patches to safeguard against 15 security defects that could potentially let malicious actors bypass authentication and access confidential data.

These 15 vulnerabilities (identified as CVE-2023-34123 through CVE-2023-34137), were publicly disclosed by the NCC Group. They include four Critical, four High, and seven Medium severity flaws. The affected versions are GMS 9.3.2-SP1 and Analytics 2.5.0.4-R7 and before. The rectifications are available in GMS 9.3.3 and Analytics 2.5.2 versions.

SonicWall has warned that these vulnerabilities could let a cybercriminal access and manipulate data they wouldn’t typically have permission to, which could potentially result in irreversible changes to the application’s content or functioning.

The four critical flaws include –

CVE-2023-34124 (CVSS score: 9.4) - Web Service Authentication Bypass
CVE-2023-34133 (CVSS score: 9.8) - Several Unauthenticated SQL Injection and Security Filter Bypass Issues
CVE-2023-34134 (CVSS score: 9.8) - Password Hash Read via Web Service
CVE-2023-34137 (CVSS score: 9.4) - Cloud App Security (CAS) Authentication Bypass

In parallel, Fortinet disclosed a severe flaw (CVE-2023-33308, CVSS score: 9.8) in FortiOS and FortiProxy that could potentially allow a remote attacker to execute arbitrary code. The company noted that the issue was fixed in a prior release, without issuing an advisory.

“A stack-based overflow vulnerability in FortiOS and FortiProxy may allow a remote attacker to execute arbitrary code or command through specially crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection,” Fortinet said in their advisory.

Affected products include FortiOS versions 7.2.0 to 7.2.3 and 7.0.0 to 7.0.10, as well as FortiProxy versions 7.2.0 to 7.2.2 and 7.0.0 to 7.0.9. Patches for these vulnerabilities are included in the following versions:

FortiOS version 7.4.0 or later
FortiOS version 7.2.4 or later
FortiOS version 7.0.11 or later
FortiProxy version 7.2.3 or later
FortiProxy version 7.0.10 or later

Notably, this flaw doesn’t impact all versions of FortiOS 6.0, FortiOS 6.2, FortiOS 6.4, FortiProxy 1.x, and FortiProxy 2.x.

As an interim measure for customers unable to update promptly, Fortinet suggests disabling HTTP/2 support on SSL inspection profiles utilized by proxy policies or firewall policies in proxy mode.

Key Points Summarized

1. SonicWall and Fortinet have discovered multiple security vulnerabilities in their Global Management System (GMS), Analytics, FortiOS, and FortiProxy software.
2. SonicWall advises users to install updates to prevent 15 security breaches which could let attackers bypass authentication and access sensitive data.
3. These breaches were classified as four Critical, four High, and seven Medium severity flaws.
4. Fortinet has revealed a critical flaw that could allow remote code execution under certain circumstances.
5. Affected products include certain versions of FortiOS and FortiProxy, with patches available in later versions.
6. For those unable to promptly update, Fortinet recommends disabling HTTP/2 support on SSL inspection profiles.