CVE-2023-36641: Fortiguard
A numeric truncation error in Fortinet FortiProxy version 7.2.0 through 7.2.4, FortiProxy version 7.0.0 through 7.0.10, FortiProxy 2.0 all versions, FortiProxy 1.2 all versions, FortiProxy 1.1 all versions, FortiProxy 1.0 all versions, FortiOS version 7.4.0, FortiOS version 7.2.0 through 7.2.5, FortiOS version 7.0.0 through 7.0.12, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions allows an attacker to cause a denial of service via specifically crafted HTTP requests.
**PSIRT Advisories**
FortiOS & FortiProxy - DoS in header management
Summary
A null pointer dereference [CWE-476] in FortiOS and FortiProxy SSL VPN may allow an authenticated attacker to perform a DoS attack on the device via specifically crafted HTTP requests.
| Version | Affected | Solution |
| --- | --- | --- |
| FortiOS 7.4 | 7.4.0 | Upgrade to 7.4.1 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.5 | Upgrade to 7.2.6 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above |
| FortiOS 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiOS 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiOS 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiProxy 7.2 | 7.2.0 through 7.2.4 | Upgrade to 7.2.5 or above |
| FortiProxy 7.0 | 7.0.0 through 7.0.10 | Upgrade to 7.0.11 or above |
| FortiProxy 2.0 | 2.0 all versions | Migrate to a fixed release |
| FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
Follow the recommended upgrade path using our tool at: https://docs.fortinet.com/upgrade-tool
Virtual Patch named “FortiOS.SSL.VPN.Proxy.Debug.Information.DoS.” is available in FMWP db update 23.082
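The affected-version table above is what gets applied to a device inventory during triage. As an added example (not Fortinet's tooling and not part of the advisory), the Python below transcribes that table and classifies FortiOS/FortiProxy version strings against it, comparing version components numerically so that 7.0.12 is not sorted below 7.0.9 as a string comparison would, and treating the "all versions" branches as having no in-branch fix. The inventory rows and hostnames are constructed for the example; version strings are assumed to follow the major.minor.patch form, optionally followed by a build suffix such as ",build0523".

```python
"""Classify FortiOS / FortiProxy versions against the CVE-2023-36641 table.

Added example; the ADVISORY list is transcribed from the PSIRT table above.
"""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]


def parse_version(text: str) -> Version:
    """Turn 'v7.0.12,build0523' or '7.0.12' into (7, 0, 12).

    Integer tuples compare correctly; as strings '7.0.9' > '7.0.12', which
    would wrongly rank 7.0.12 above the 7.0.13 fix.  Build suffixes are ignored.
    """
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"need a major.minor.patch version, got {text!r}")
    return int(m.group(1)), int(m.group(2)), int(m.group(3))


@dataclass(frozen=True)
class Branch:
    product: str
    major_minor: Tuple[int, int]
    last_affected: Optional[Version]  # None: every release of the branch is affected
    fixed: Optional[Version]          # None: no fix in this branch, migrate


# Every fixed branch in the advisory is affected from x.y.0, so only the last
# affected release and the first fixed release need to be recorded.
ADVISORY: List[Branch] = [
    Branch("FortiOS", (7, 4), (7, 4, 0), (7, 4, 1)),
    Branch("FortiOS", (7, 2), (7, 2, 5), (7, 2, 6)),
    Branch("FortiOS", (7, 0), (7, 0, 12), (7, 0, 13)),
    Branch("FortiOS", (6, 4), None, None),
    Branch("FortiOS", (6, 2), None, None),
    Branch("FortiOS", (6, 0), None, None),
    Branch("FortiProxy", (7, 2), (7, 2, 4), (7, 2, 5)),
    Branch("FortiProxy", (7, 0), (7, 0, 10), (7, 0, 11)),
    Branch("FortiProxy", (2, 0), None, None),
    Branch("FortiProxy", (1, 2), None, None),
    Branch("FortiProxy", (1, 1), None, None),
    Branch("FortiProxy", (1, 0), None, None),
]


def assess(product: str, version: str) -> Tuple[str, str]:
    """Return (status, action); status is 'affected', 'fixed' or 'unlisted'."""
    v = parse_version(version)
    for b in ADVISORY:
        if b.product.lower() != product.lower() or b.major_minor != v[:2]:
            continue
        if b.fixed is None:
            return "affected", "no fix in this branch: migrate to a fixed release"
        if v <= b.last_affected:
            return "affected", "upgrade to %d.%d.%d or above" % b.fixed
        return "fixed", "at or above the fixed release"
    return "unlisted", "branch not listed in the advisory"


def scan_inventory(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Run assess() over 'hostname,product,version' rows.

    maxsplit=2 keeps a ',buildNNNN' suffix attached to the version field;
    unparseable versions are reported as 'error' rather than silently skipped.
    """
    out: List[Tuple[str, str, str]] = []
    for line in lines:
        parts = [p.strip() for p in line.split(",", 2)]
        if len(parts) != 3 or not parts[0]:
            continue
        host, product, version = parts
        try:
            status, action = assess(product, version)
        except ValueError as exc:
            status, action = "error", str(exc)
        out.append((host, status, action))
    return out


# Constructed sample inventory for the example; these are not real hosts.
SAMPLE_INVENTORY = [
    "fw-edge-01,FortiOS,v7.0.12,build0523",
    "fw-edge-02,FortiOS,7.0.13",
    "fw-branch-03,FortiOS,6.4.14",
    "proxy-01,FortiProxy,7.2.4",
    "proxy-02,FortiProxy,7.4.0",
    "fw-lab,FortiOS,7.2",
]

if __name__ == "__main__":
    for host, status, action in scan_inventory(SAMPLE_INVENTORY):
        print(f"{host:14} {status:9} {action}")
```

A FortiProxy 7.4 entry comes back "unlisted" rather than "fixed" because the advisory says nothing about that branch; treat such rows as needing a manual check against the vendor's current advisory rather than as clean.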
Acknowledgement
Internally discovered and reported by Gwendal Guégniaud of the Fortinet Product Security team as part of an internal audit of the SSL-VPN component.
Timeline
2023-11-09: Initial publication
2023-11-14: Added IPS package info