Research

Emerging Security Issue: Fortinet FortiOS CVE-2024-23113

By Emma Zaballos
Product Marketing Manager
October 16, 2024

What is CVE-2024-23113? 

CVE-2024-23113 is a critical (CVSS 9.8) Fortinet FortiOS vulnerability that allows remote, unauthenticated attackers to execute arbitrary code or commands via specially crafted requests. The flaw is an externally controlled format string vulnerability in the FortiOS fgfmd daemon.

What assets are affected by this vulnerability? 

This vulnerability affects the Fortinet products FortiOS, FortiProxy, FortiPAM and FortiWeb. The affected versions are listed below.

  • FortiOS 7.4.0 through 7.4.2
  • FortiOS 7.2.0 through 7.2.6
  • FortiOS 7.0.0 through 7.0.13
  • FortiPAM 1.2 (all versions) 
  • FortiPAM 1.1 (all versions)
  • FortiPAM 1.0 (all versions) 
  • FortiProxy 7.4.0 through 7.4.2
  • FortiProxy 7.2.0 through 7.2.8
  • FortiProxy 7.0.0 through 7.0.15
  • FortiWeb 7.4.0 through 7.4.2

FortiOS 6.x and FortiPAM 1.3 are not affected by CVE-2024-23113.  

Is a fix available? 

Patches are available for the Fortinet products below: 

  • FortiOS 7.4: upgrade to 7.4.3 or above
  • FortiOS 7.2: upgrade to 7.2.7 or above
  • FortiOS 7.0: upgrade to 7.0.14 or above
  • FortiProxy 7.4: upgrade to 7.4.3 or above
  • FortiProxy 7.2: upgrade to 7.2.7 or above
  • FortiProxy 7.0: upgrade to 7.0.16 or above
  • FortiWeb 7.4: upgrade to 7.4.3 or above

For affected FortiPAM assets (all versions of 1.2, 1.1, and 1.0), Fortinet recommends migrating to a fixed release such as FortiPAM 1.3. 
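To turn the version lists above into a repeatable check, here is an added Python example (not CyCognito's or Fortinet's code) that encodes the affected ranges and remediations exactly as this post lists them and triages an inventory of host, product and version rows; the sample hosts are constructed.

```python
import csv
from typing import Optional, Tuple

# Affected ranges and remediation exactly as listed in the post:
# product -> [(first affected, last affected, remediation), ...]
AFFECTED = {
    "FortiOS": [((7, 4, 0), (7, 4, 2), "upgrade to 7.4.3 or above"),
                ((7, 2, 0), (7, 2, 6), "upgrade to 7.2.7 or above"),
                ((7, 0, 0), (7, 0, 13), "upgrade to 7.0.14 or above")],
    # The post lists FortiProxy 7.2.8 as affected yet 7.2.7 as the fix; the affected
    # range decides here, so confirm the 7.2 target release against Fortinet's advisory.
    "FortiProxy": [((7, 4, 0), (7, 4, 2), "upgrade to 7.4.3 or above"),
                   ((7, 2, 0), (7, 2, 8), "upgrade to 7.2.7 or above"),
                   ((7, 0, 0), (7, 0, 15), "upgrade to 7.0.16 or above")],
    "FortiWeb": [((7, 4, 0), (7, 4, 2), "upgrade to 7.4.3 or above")],
    "FortiPAM": [((1, m), (1, m, 9999), "migrate to a fixed release such as FortiPAM 1.3")
                 for m in (0, 1, 2)],  # 1.0, 1.1, 1.2: all versions (9999 = open end)
}

def parse_version(text: str) -> Tuple[int, ...]:
    """'7.4.2' or 'v7.4.2' -> (7, 4, 2); raises ValueError on anything else."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in parts)

def check(product: str, version: str) -> Tuple[str, Optional[str]]:
    """('vulnerable', remediation), ('not affected', None) or ('unknown', None)."""
    if product not in AFFECTED:
        return "unknown", None  # product not covered by this advisory
    v = parse_version(version)
    for low, high, fix in AFFECTED[product]:
        if low <= v <= high:  # tuple comparison copes with 2- vs 3-part versions
            return "vulnerable", fix
    return "not affected", None

def triage(inventory_csv: str):
    """Rows of host,product,version -> list of (host, status, remediation)."""
    rows = csv.reader(inventory_csv.splitlines())
    return [(host, *check(product, version)) for host, product, version in rows]

# Constructed sample inventory, not real hosts.
SAMPLE_INVENTORY = """\
fw-edge-01,FortiOS,7.4.2
fw-edge-02,FortiOS,7.4.3
fw-branch-07,FortiOS,6.4.15
proxy-dmz-01,FortiProxy,7.2.8
pam-core-01,FortiPAM,1.2.1
pam-core-02,FortiPAM,1.3.0
waf-web-01,FortiWeb,7.4.1
"""
```

Running `triage(SAMPLE_INVENTORY)` flags fw-edge-01, proxy-dmz-01, pam-core-01 and waf-web-01 with their remediation, and leaves the 7.4.3, 6.x and FortiPAM 1.3 hosts as not affected.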

Are there any other actions to take? 

Fortinet has provided a workaround that requires removing fgfmd access from each interface. Because this workaround does not completely remove the risk of exploitation, it is recommended only as a mitigation and not as a fix. It also prevents FortiManager from discovering FortiGate devices, although connections can still be initiated from the FortiGate side.

Is CVE-2024-23113 being actively exploited?

While CVE-2024-23113 was originally identified in February in the FortiOS fgfmd daemon, researchers did not report seeing it exploited in the wild until October 11th. 

How is CyCognito helping customers identify assets vulnerable to CVE-2024-23113? 

CyCognito is investigating active tests for CVE-2024-23113. Users can check whether their assets are potentially vulnerable using the filters provided in the CyCognito platform. All customers have access to an in-platform emerging security issue announcement as of October 16th, 2024.

Figure 1: The alert sent by CyCognito for CVE-2024-23113

How can CyCognito help your organization? 

CyCognito is an exposure management platform that reduces risk by discovering, testing and prioritizing security issues. The platform scans billions of websites, cloud applications and APIs and uses advanced AI to identify the most critical risks and guide remediation. Emerging companies, government agencies and Fortune 500 organizations rely on CyCognito to secure and protect from growing threats. Want to see how it works? Check out our website and explore our platform with a self-guided, interactive dashboard product tour. To learn how CyCognito can help you understand your external attack surface and exposed risks, please visit our Contact Us page to schedule a demo.
