Serious Security Flaw in Fortinet's Software Could Allow Privilege Elevation

A new vulnerability has been discovered in Fortinet’s FortiOS and FortiProxy systems that could enable attackers to gain unauthorized access. Imagine a locked cabinet where only certain keys should work. This flaw acts like a hidden key that lets someone with limited access unlock the entire cabinet. If exploited, it can lead to a major compromise of your network’s security.

Who is at Risk?

This vulnerability affects users of Fortinet’s security software, particularly those running older versions. If you use these products, you could be at risk:

FortiOS Versions: 7.4.0 to 7.4.7; 7.2, all versions; 7.0.6 and higher
FortiProxy Versions: 7.6.0 to 7.6.2; 7.4.0 to 7.4.8; 7.2, all versions; 7.0.5 and higher

What could happen? If an attacker triggers a malicious Webhook action (think of it as sending a deceptive message through a legitimate channel), they could elevate their privileges and access sensitive data or system controls.

How to Stay Safe

It’s crucial to act quickly to prevent any potential exploitation of this vulnerability:

Check Your Version: Look into your FortiOS or FortiProxy settings to see if you are using any of the affected versions mentioned above.
Upgrade Immediately: If you're using an affected version, upgrade to the latest version as recommended:
- For FortiOS: Upgrade to 7.4.8 or higher (7.2.12 or higher for version 7.2, migrate for version 7.0)
- For FortiProxy: Upgrade to 7.6.3 or higher (7.4.9 for version 7.4, migrate for version 7.2 and 7.0)
Monitor Your Systems: Stay vigilant for any unusual activity that may indicate a breach.

Failing to update can leave your system vulnerable to exploitation, so it’s essential not to delay this critical step. For a detailed upgrade path, you can use Fortinet's upgrade tool found here.