Format string vulnerability in administrative interface

Summary

A use of externally-controlled format string vulnerability [CWE-134] in FortiManager, FortiAnalyzer, FortiAnalyzer-BigData & FortiPortal may allow a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

Affected Products

FortiManager version 7.4.0 through 7.4.1
FortiManager version 7.2.0 through 7.2.3
FortiManager 7.0 all versions
FortiManager 6.4 all versions
FortiManager 6.2 all versions
FortiAnalyzer version 7.4.0 through 7.4.1
FortiAnalyzer version 7.2.0 through 7.2.3
FortiAnalyzer 7.0 all versions
FortiAnalyzer 6.4 all versions
FortiAnalyzer 6.2 all versions
FortiAnalyzer-BigData version 7.2.0 through 7.2.5
FortiAnalyzer-BigData version 7.0.1 through 7.0.6
FortiAnalyzer-BigData version 6.4.5 through 6.4.7
FortiAnalyzer-BigData version 6.2.5
FortiPortal version 6.0.0 through 6.0.14
FortiPortal 5.3 all versions

Solutions

Please upgrade to FortiPortal version 6.0.15 or above
Please upgrade to FortiManager version 7.4.2 or above
Please upgrade to FortiManager version 7.2.4 or above
Please upgrade to FortiManager version 7.0.10 or above
Please upgrade to FortiAnalyzer-BigData version 7.4.0 or above
Please upgrade to FortiAnalyzer-BigData version 7.2.6 or above
Please upgrade to FortiAnalyzer version 7.4.2 or above
Please upgrade to FortiAnalyzer version 7.2.4 or above
Please upgrade to FortiAnalyzer version 7.0.10 or above

Acknowledgement

Internally discovered and reported by Diego Bernardelli from Fortinet's advanced TAC support team.

Timeline

2024-03-07: Initial publication