Headline
CVE-2022-30298: Fortiguard
An improper privilege management vulnerability [CWE-269] in Fortinet FortiSOAR before 7.2.1 allows a GUI user who has already found a way to modify system files (via another, unrelated and hypothetical exploit) to execute arbitrary Python commands as root.
** PSIRT Advisories**
FortiSOAR - Privilege escalation from nginx user to root
Summary
An improper privilege management vulnerability [CWE-269] in FortiSOAR may allow a GUI user who has already found a way to modify system files (via another, unrelated and hypothetical exploit) to execute arbitrary Python commands as root.
Affected Products
FortiSOAR version 7.2.0
FortiSOAR version 7.0.0 through 7.0.2
FortiSOAR version 6.4.0 through 6.4.4
Solutions
Please upgrade to FortiSOAR version 7.2.1 or above
Please upgrade to FortiSOAR version 7.0.3 or above
Acknowledgement
Fortinet is pleased to thank security researchers Ryan Catterall and OJ Reeves of Beyond Binary for discovering and reporting this vulnerability under responsible disclosure.