Headline
CVE-2023-33299: Fortiguard
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.
** PSIRT Advisories**
FortiNAC - java untrusted object deserialization RCE
Summary
A deserialization of untrusted data vulnerability [CWE-502] in FortiNAC may allow an unauthenticated user to execute unauthorized code or commands via specifically crafted requests to the tcp/1050 service.
Affected Products
FortiNAC version 9.4.0 through 9.4.2
FortiNAC version 9.2.0 through 9.2.7
FortiNAC version 9.1.0 through 9.1.9
FortiNAC version 7.2.0 through 7.2.1
FortiNAC 8.8 all versions
FortiNAC 8.7 all versions
FortiNAC 8.6 all versions
FortiNAC 8.5 all versions
FortiNAC 8.3 all versions
Solutions
Please upgrade to FortiNAC version 9.4.3 or above
Please upgrade to FortiNAC version 9.2.8 or above
Please upgrade to FortiNAC version 9.1.10 or above
Please upgrade to FortiNAC version 7.2.2 or above
Acknowledgement
Fortinet is pleased to thank Florian Hauser from CODE WHITE for reporting this vulnerability under responsible disclosure.
Timeline
2023-06-19: Initial publication
Related news
Fortinet has rolled out updates to address a critical security vulnerability impacting its FortiNAC network access control solution that could lead to the execution of arbitrary code. Tracked as CVE-2023-33299, the flaw is rated 9.6 out of 10 for severity on the CVSS scoring system. It has been described as a case of Java untrusted object deserialization. "A deserialization of untrusted data