=====================================================================

                                CERT-Renater

                     Information Note No. 2024/VULN189
_____________________________________________________________________

DATE                : 11/04/2024

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Linux running FortiClient versions prior
                                 to 7.2.1, 7.0.11.

=====================================================================
https://fortiguard.fortinet.com/psirt/FG-IR-23-087
_____________________________________________________________________

[FortiClient Linux] Remote Code Execution due to dangerous nodejs
configuration

IR Number    : FG-IR-23-087
Date         : Apr 9, 2024
Severity     : Critical
CVSSv3 Score : 9.4
Impact       : Execute unauthorized code or commands
CVE ID       : CVE-2023-45590


Summary

An Improper Control of Generation of Code ('Code Injection')
vulnerability [CWE-94] in FortiClientLinux may allow an
unauthenticated attacker to execute arbitrary code via tricking a
FortiClientLinux user into visiting a malicious website.



Version              | Affected             | Solution
FortiClientLinux 7.2 | 7.2.0                | Upgrade to 7.2.1 or above
FortiClientLinux 7.0 | 7.0.6 through 7.0.10 | Upgrade to 7.0.11 or above
FortiClientLinux 7.0 | 7.0.3 through 7.0.4  | Upgrade to 7.0.11 or above

Acknowledgement

Fortinet is pleased to thank security researcher CataLpa from
Dbappsecurity Co. Ltd. for discovering and reporting this vulnerability
under responsible disclosure.


Timeline

2024-04-09: Initial publication

=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================
