CVE-2023-25611: Fortiguard
An improper neutralization of formula elements in a CSV file vulnerability in Fortinet FortiAnalyzer 6.4.0 - 6.4.9, 7.0.0 - 7.0.5, and 7.2.0 - 7.2.1 allows a local attacker to execute unauthorized code or commands by inserting spreadsheet formulas in macro names.
PSIRT Advisories
FortiAnalyzer - CSV injection in macro name
Summary
An improper neutralization of formula elements vulnerability (CWE-1236) in FortiAnalyzer may allow a local authenticated privileged attacker to execute arbitrary code on the end user's host by inserting spreadsheet formulas in macro names. The code runs once the user downloads and opens the exported CSV report file in a spreadsheet application.
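The weakness described above is that a field such as a macro name is written into a CSV report verbatim, so a value beginning with a formula character (`=`, `+`, `-`, `@`, tab or carriage return) is evaluated by the spreadsheet that opens the file. The following added example, written for this page and not FortiAnalyzer's or Fortinet's own code, shows the defensive pattern for CWE-1236: a report writer that neutralizes formula-leading cells before emitting them, plus a small scanner a reviewer can run over an exported CSV to detect cells that a spreadsheet would still treat as formulas. The function names, the harmless `=SUM(1,2)` sample value and the report rows are all constructed for the illustration.

```python
import csv
import io

# Characters that Excel, LibreOffice and Google Sheets treat as the start of a
# formula when they appear at the beginning of a cell (per CWE-1236 guidance).
FORMULA_PREFIXES = ("=", "+", "-", "@", "\t", "\r")


def neutralize_cell(value: str) -> str:
    """Return a cell value that a spreadsheet will render as literal text.

    Prefixing with a single quote makes the spreadsheet treat the content as a
    string; the quote itself is not displayed in most applications.
    """
    if value and value[0] in FORMULA_PREFIXES:
        return "'" + value
    return value


def write_report(rows, neutralize: bool = True) -> str:
    """Serialize rows (e.g. macro names and counts) to CSV text.

    With neutralize=False the writer reproduces the vulnerable behaviour:
    user-controlled text is copied into the file as-is.  With the default,
    every cell passes through neutralize_cell() first.  Quoting every field
    also prevents a stray delimiter in a value from creating extra cells.
    """
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    for row in rows:
        cells = [str(c) for c in row]
        if neutralize:
            cells = [neutralize_cell(c) for c in cells]
        writer.writerow(cells)
    return buf.getvalue()


def find_formula_cells(csv_text: str):
    """Detection helper: list (row, column, value) for cells a spreadsheet
    would interpret as formulas.  Useful for checking exported reports."""
    hits = []
    for r, row in enumerate(csv.reader(io.StringIO(csv_text))):
        for c, cell in enumerate(row):
            if cell and cell[0] in FORMULA_PREFIXES:
                hits.append((r, c, cell))
    return hits


# Constructed sample: one ordinary macro name and one that starts with "=".
SAMPLE_ROWS = [("macro", "count"), ("daily_summary", 12), ("=SUM(1,2)", 3)]

if __name__ == "__main__":
    unsafe = write_report(SAMPLE_ROWS, neutralize=False)
    safe = write_report(SAMPLE_ROWS)
    print("unsafe export flags:", find_formula_cells(unsafe))  # one hit at row 2
    print("hardened export flags:", find_formula_cells(safe))  # no hits
    print(safe)
```

The scanner is intentionally conservative: it flags the leading character only, which matches how CWE-1236 defines the problem and keeps false negatives low; a legitimate value such as a negative number will also be flagged and should simply be reviewed.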
Affected Products
FortiAnalyzer version 7.2.0 through 7.2.1
FortiAnalyzer version 7.0.0 through 7.0.5
FortiAnalyzer 6.4 all versions
Solutions
Please upgrade to FortiAnalyzer version 7.2.2 or above
Please upgrade to FortiAnalyzer version 7.0.6 or above
Acknowledgement
Fortinet is pleased to thank Andrea Acampa for reporting this vulnerability under responsible disclosure.