--- licence_title: Creative Commons Attribution 4.0 International (CC-BY 4.0) licence_link: https://creativecommons.org/licenses/by/4.0/ licence_restrictions: https://cert.europa.eu/legal-notice licence_author: CERT-EU, The Cybersecurity Service for the European Union institutions, bodies, offices and agencies title: 'RCE vulnerability in Fortinet FortiNAC' version: '1.0' number: '2023-042' original_date: 'June 23, 2023' date: 'June 26, 2023' --- _History:_ * _26/06/2023 --- v1.0 -- Initial publication_ # Summary On June 23, 2023, Fortinet released one advisory regarding a critical vulnerability in FortiNAC that may allow unauthenticated attackers to perform remote arbitrary code or command execution [1]. This vulnerability was identified as `CVE-2023-33299` with CVSS score of 9.6. FortiNAC is a network access control solution utilised by organisations to manage network access policies and compliance. Due to the level of access and control on the network we recommend to update as soon as possible. # Technical Details This vulnerability is the result of the deserialisation of untrusted data. An unauthenticated user can insert a modified serialised object into the system via specifically crafted requests to the tcp/1050 service, which leads to unauthenticated RCE. # Affected Products - Version 9.4.0 through 9.4.2 - Version 9.2.0 through 9.2.7 - Version 9.1.0 through 9.1.9 - Version 7.2.0 through 7.2.1 - 8.8 all versions - 8.7 all versions - 8.6 all versions - 8.5 all versions - 8.3 all versions # Recommendations Upgrade FortiNAC products to: - Version 9.4.3 or above - Version 9.2.8 or above - Version 9.1.10 or above - Version 7.2.2 or above # References [1]