Several security vulnerabilities in Fortinet security products allow attackers, in the worst case, to execute their own commands on the affected system. Patched versions are available for download.
Among the affected products is FortiDeceptor. This deception solution is used to plant decoys in a network so that attackers who touch them are, ideally, detected early.
The most dangerous is a vulnerability rated "high" (CVE-2020-29017) in FortiDeceptor. According to the advisory, a remote attacker must be authenticated to exploit it. Given valid credentials, the attacker could abuse the customization page in a way the advisory does not describe in detail and execute arbitrary commands on the system.
FortiDeceptor versions 3.0.2, 3.1.1 and 3.2.0 are patched against this. According to Fortinet, all earlier releases are vulnerable.
FortiWeb is affected by four vulnerabilities (CVE-2020-29015, CVE-2020-29016, CVE-2020-29018, CVE-2020-29019), all rated "medium". If exploited, they could allow attackers to take systems down via denial of service or even execute malicious code. Fortinet provides further details on the possible attacks in the security advisories linked below this article.
Admins should make sure they have installed one of the patched versions, FortiWeb 6.2.4, 6.3.6 or 6.3.8.
Another vulnerability rated "medium" (CVE-2020-29010) affects FortiGate SSL VPN. Here, remote authenticated attackers could read log entries and thereby learn, for example, IP addresses and user names.
To close this gap, the developers have released FortiGate versions 6.0.11, 6.2.5 and 6.4.2.
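Because each advisory above names several fixed versions, one per release branch, "am I patched?" is not a simple greater-than comparison: a FortiWeb 6.2.x appliance must be compared against 6.2.4, not against 6.3.8. The following checker is an added example, not code from the article or from Fortinet; it encodes only the fixed versions stated above and assumes version strings are plain dotted numerics (a trailing build tag is ignored). Where the article lists two fixes in the same branch (FortiWeb 6.3.6 and 6.3.8) without saying which CVE each addresses, the checker conservatively requires the higher one. Branches newer than anything the article mentions are reported as "unknown" rather than guessed at.

```python
"""Branch-aware check of installed Fortinet versions against the fixed
versions named in the advisories above.

Added example, not part of the original article or any Fortinet tooling.
Assumes versions look like "6.3.7" or "v6.3.7 build1234" (build tag ignored).
"""
from typing import Dict, Tuple

Version = Tuple[int, ...]

# Fixed versions exactly as stated in the article, per product.
FIXED_VERSIONS: Dict[str, Tuple[str, ...]] = {
    "FortiDeceptor": ("3.0.2", "3.1.1", "3.2.0"),
    "FortiWeb": ("6.2.4", "6.3.6", "6.3.8"),
    "FortiGate": ("6.0.11", "6.2.5", "6.4.2"),
}


def parse_version(text: str) -> Version:
    """Turn "6.3.7" or "v6.3.7 build1234" into the tuple (6, 3, 7)."""
    core = text.strip().lstrip("vV").split()[0]
    return tuple(int(part) for part in core.split("."))


def branch(v: Version) -> Version:
    """Release branch of a version, i.e. its major.minor prefix."""
    return v[:2]


def fixed_thresholds(product: str) -> Dict[Version, Version]:
    """Map each major.minor branch to the highest fixed version listed for it.

    Requiring the highest listed fix in a branch is the conservative reading
    when the article names more than one (FortiWeb 6.3.6 and 6.3.8).
    """
    thresholds: Dict[Version, Version] = {}
    for text in FIXED_VERSIONS[product]:
        v = parse_version(text)
        b = branch(v)
        if b not in thresholds or v > thresholds[b]:
            thresholds[b] = v
    return thresholds


def assess(product: str, installed: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for an installed version.

    - Same branch as a listed fix: compare against that branch's fix.
    - Older than every listed branch: 'vulnerable' (the article says all
      earlier FortiDeceptor releases are affected; applied to every product
      here as the conservative assumption).
    - Newer than every listed branch: 'unknown', since the article says
      nothing about later branches; check the advisory by hand.
    """
    v = parse_version(installed)
    thresholds = fixed_thresholds(product)
    b = branch(v)
    if b in thresholds:
        return "patched" if v >= thresholds[b] else "vulnerable"
    if b < min(thresholds):
        return "vulnerable"
    return "unknown"


if __name__ == "__main__":
    # Constructed sample inventory for illustration, not real hosts.
    inventory = [
        ("FortiWeb", "6.3.7"),
        ("FortiGate", "v6.4.2 build1723"),
        ("FortiDeceptor", "2.1.0"),
        ("FortiGate", "7.0.0"),
    ]
    for product, version in inventory:
        print(f"{product} {version}: {assess(product, version)}")
```

Feeding the sample inventory through the checker reports FortiWeb 6.3.7 as vulnerable (below the 6.3.8 threshold), FortiGate 6.4.2 as patched, FortiDeceptor 2.1.0 as vulnerable (older than every listed branch) and FortiGate 7.0.0 as unknown, which is the right prompt to read the advisory itself rather than assume a later branch is safe.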
List sorted by threat level in descending order: