September 15, 2023
Severity
Medium
Analysis Summary
CVE-2023-25608 CVSS:5.5
Fortinet FortiAP-W2, FortiAP-C, FortiAP, and FortiAP-U could allow a local authenticated attacker to obtain sensitive information, caused by incomplete filtering of one or more instances of special elements in the command line interpreter. By passing specially crafted command arguments, an attacker could exploit this vulnerability to read arbitrary files.
CVE-2023-27998 CVSS:5.3
Fortinet FortiPresence could allow a remote attacker to obtain sensitive information, caused by lack of custom error pages. By navigating to the login GUI, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-34984 CVSS:7.5
Fortinet FortiWeb could allow a remote attacker to execute arbitrary code on the system, caused by a protection mechanism failure. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CVE-2023-36634 CVSS:7.1
Fortinet FortiAP-U could allow a local authenticated attacker to delete arbitrary files on the system, caused by incomplete filtering of one or more instances of special elements in the command line interpreter. By sending a specially crafted request, an attacker could exploit this vulnerability to delete arbitrary files on the system.
CVE-2023-36638 CVSS:4.3
Fortinet FortiManager and FortiAnalyzer could allow a remote authenticated attacker to obtain sensitive information, caused by improper privilege management. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2023-36551 CVSS:4.3
Fortinet FortiSIEM could allow a remote authenticated attacker to obtain sensitive information, caused by the exposure of the absolute path of files used by the supervisor. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CVE-2022-35849 CVSS:7.8
Fortinet FortiADC could allow a local authenticated attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability in the management interface. By sending specially crafted arguments to existing commands, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-29183 CVSS:8
Fortinet FortiOS and FortiProxy are vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the guest management page. A remote authenticated attacker could exploit this vulnerability to inject malicious script into a Web page which would be executed in a victim’s Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials.
Impact
- Information Disclosure
- Code Execution
- File Manipulation
- Command Execution
- Cross-Site Scripting
Indicators Of Compromise
CVE
- CVE-2023-25608
- CVE-2023-27998
- CVE-2023-34984
- CVE-2023-36634
- CVE-2023-36638
- CVE-2023-36551
- CVE-2022-35849
- CVE-2023-29183
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiAP-C 5.4.0
- Fortinet FortiAP-U 6.2.0
- Fortinet FortiAP 7.2.0
- Fortinet FortiAP-W2 7.2.0
- Fortinet FortiPresence 1.1
- Fortinet FortiPresence 1.0
- Fortinet FortiPresence 1.2.0
- Fortinet FortiPresence 1.2.1
- Fortinet FortiWeb 7.0.0
- Fortinet FortiWeb 7.0.6
- Fortinet FortiWeb 6.4
- Fortinet FortiWeb 7.2.0
- Fortinet FortiAP-U 7.0.0
- Fortinet FortiAP-U 6.2.5
- Fortinet FortiAP-U 6.0
- Fortinet FortiManager VM 6.2.0
- Fortinet FortiManager 7.0.0
- Fortinet FortiManager 6.4.0
- Fortinet FortiManager 7.2.0
- Fortinet FortiSIEM 6.7.0
- Fortinet FortiSIEM 6.7.5
- Fortinet FortiADC 6.1.0
- Fortinet FortiADC 6.1.5
- Fortinet FortiADC 6.2.0
- Fortinet FortiADC 6.2.1
- Fortinet FortiOS 6.2.0
- Fortinet FortiOS 6.4.0
- Fortinet FortiOS 7.0.0
- Fortinet FortiProxy 7.0.0
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.