Headline
CVE-2023-28002: Fortiguard
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.
** PSIRT Advisories**
FortiOS & FortiProxy VM - Bypass of root file system integrity checks at boot time on VM
Summary
An improper validation of integrity check value vulnerability [CWE-354] in FortiOS and FortiProxy VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesytem integrity check in place.
Version
Affected
Solution
FortiOS 7.4
Not affected
Upgrade to 7.4.0 or above
FortiOS 7.2
7.2.0 through 7.2.3
Upgrade to 7.2.4 or above
FortiOS 7.0
7.0.0 through 7.0.12
Upgrade to 7.0.13 or above
FortiOS 6.4
6.4 all versions
Migrate to a fixed release
FortiOS 6.2
6.2 all versions
Migrate to a fixed release
FortiOS 6.0
6.0 all versions
Migrate to a fixed release
FortiProxy 7.2
7.2 all versions
Migrate to a fixed release
FortiProxy 7.0
7.0 all versions
Migrate to a fixed release
FortiProxy 2.0
2.0 all versions
Migrate to a fixed release
Follow the recommended upgrade path using our tool at: https://docs.fortinet.com/upgrade-tool
Acknowledgement
Fortinet is pleased to thank Michael Anastasakis, Grégoire Lodi and Rustam Komildzhonov from Klarna for reporting this vulnerability under responsible disclosure.
Timeline
2023-11-02: Initial publication