---
licence_title: Creative Commons Attribution 4.0 International (CC-BY 4.0)
licence_link: https://creativecommons.org/licenses/by/4.0/
licence_restrictions: https://cert.europa.eu/legal-notice
licence_author: The Cybersecurity Service for the Union institutions, bodies, offices and agencies
title: 'High Vulnerabilities in Fortinet Products'
number: '2025-008'
version: '1.0'
original_date: '2025-03-11'
date: '2025-03-14'
---

_History:_

* _14/03/2025 --- v1.0 -- Initial publication_

# Summary

On March 11, 2025, Fortinet released several security advisories addressing 18 vulnerabilities ranging from low to high severity [1]. It is recommended to update as soon as possible.

# Technical Details

- The vulnerability **CVE-2023-48790**, with a CVSS score of 7.1, is a cross-site request forgery vulnerability in FortiNDR that may allow a remote unauthenticated attacker to execute unauthorised actions via crafted HTTP GET requests [2].
- The vulnerability **CVE-2024-45324**, with a CVSS score of 7.0, is a use of externally controlled format string vulnerability in FortiOS, FortiProxy, FortiPAM, FortiSRA and FortiWeb that may allow a privileged attacker to execute unauthorised code or commands via specially crafted HTTP or HTTPS commands [3].
- The vulnerability **CVE-2023-40723**, with a CVSS score of 7.7, is an exposure of sensitive information to an unauthorised actor in FortiSIEM that may allow a remote unauthenticated attacker who has acquired knowledge of the agent's authorisation header by other means to read the database password via crafted API requests [4].

Fortinet also fixed low and medium severity vulnerabilities in their products [1].
# Affected Products

The vulnerability **CVE-2023-48790** affects the following products and versions [2]:

- FortiNDR 7.4 version 7.4.0
- FortiNDR 7.2 versions 7.2.0 through 7.2.1
- FortiNDR 7.1 versions 7.1.0 through 7.1.1
- FortiNDR 7.0 versions 7.0.0 through 7.0.5
- FortiNDR 1.5 all versions

The vulnerability **CVE-2024-45324** affects the following products and versions [3]:

- FortiOS 7.4 versions 7.4.0 through 7.4.4
- FortiOS 7.2 versions 7.2.0 through 7.2.9
- FortiOS 7.0 versions 7.0.0 through 7.0.15
- FortiOS 6.4 versions 6.4.0 through 6.4.15
- FortiOS 6.2 all versions
- FortiPAM 1.4 versions 1.4.0 through 1.4.2
- FortiPAM 1.3 versions 1.3.0 through 1.3.1
- FortiPAM 1.2 all versions
- FortiPAM 1.1 all versions
- FortiPAM 1.0 all versions
- FortiProxy 7.6 version 7.6.0
- FortiProxy 7.4 versions 7.4.0 through 7.4.6
- FortiProxy 7.2 versions 7.2.0 through 7.2.12
- FortiProxy 7.0 versions 7.0.0 through 7.0.19
- FortiSRA 1.4 versions 1.4.0 through 1.4.2
- FortiWeb 7.6 version 7.6.0
- FortiWeb 7.4 versions 7.4.0 through 7.4.5
- FortiWeb 7.2 versions 7.2.0 through 7.2.10
- FortiWeb 7.0 versions 7.0.0 through 7.0.10

The vulnerability **CVE-2023-40723** affects the following products and versions [4]:

- FortiSIEM 6.7 versions 6.7.0 through 6.7.4
- FortiSIEM 6.6 versions 6.6.0 through 6.6.3
- FortiSIEM 6.5 versions 6.5.0 through 6.5.1
- FortiSIEM 6.4 versions 6.4.0 through 6.4.2
- FortiSIEM 6.3 all versions
- FortiSIEM 6.2 all versions
- FortiSIEM 6.1 all versions
- FortiSIEM 5.4 all versions
- FortiSIEM 5.3 all versions
- FortiSIEM 5.2 all versions
- FortiSIEM 5.1 all versions

# Recommendations

CERT-EU recommends updating the affected products as soon as possible to the latest version.

# References

[1]

[2]

[3]

[4]
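The affected-version ranges from the Affected Products section, turned into a check that can be run against a device inventory. This is an added example, not part of the CERT-EU advisory; it transcribes only the FortiOS, FortiProxy and FortiSIEM entries, and the `affected_by` function and the data layout are assumptions of this example.

```python
# Added example (not from the advisory): decide whether a deployed build sits
# inside one of the affected ranges listed above. A branch marked
# "all versions" is encoded with lo = hi = None.

def parse_version(s, width=3):
    """'7.4.4' -> (7, 4, 4); shorter strings are padded with zeros."""
    parts = [int(p) for p in s.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def on_branch(v, branch):
    """True when version tuple v belongs to release branch '7.4', '6.2', ..."""
    b = [int(p) for p in branch.split(".")]
    return list(v[:len(b)]) == b

# (product, branch, first affected, last affected), transcribed from the page
AFFECTED = {
    "CVE-2024-45324": [
        ("FortiOS", "7.4", "7.4.0", "7.4.4"),
        ("FortiOS", "7.2", "7.2.0", "7.2.9"),
        ("FortiOS", "7.0", "7.0.0", "7.0.15"),
        ("FortiOS", "6.4", "6.4.0", "6.4.15"),
        ("FortiOS", "6.2", None, None),
        ("FortiProxy", "7.6", "7.6.0", "7.6.0"),
        ("FortiProxy", "7.4", "7.4.0", "7.4.6"),
        ("FortiProxy", "7.2", "7.2.0", "7.2.12"),
        ("FortiProxy", "7.0", "7.0.0", "7.0.19"),
    ],
    "CVE-2023-40723": [
        ("FortiSIEM", "6.7", "6.7.0", "6.7.4"),
        ("FortiSIEM", "6.6", "6.6.0", "6.6.3"),
        ("FortiSIEM", "6.5", "6.5.0", "6.5.1"),
        ("FortiSIEM", "6.4", "6.4.0", "6.4.2"),
    ] + [("FortiSIEM", b, None, None)
         for b in ("6.3", "6.2", "6.1", "5.4", "5.3", "5.2", "5.1")],
}

def affected_by(product, version):
    """Return the sorted CVE ids whose ranges cover this product/version."""
    v = parse_version(version)
    hits = []
    for cve, ranges in AFFECTED.items():
        for prod, branch, lo, hi in ranges:
            if prod != product or not on_branch(v, branch):
                continue
            # "all versions" of the branch, or an inclusive first..last range
            if lo is None or parse_version(lo) <= v <= parse_version(hi):
                hits.append(cve)
                break
    return sorted(hits)
```

A build one patch level past the last affected release (for example FortiOS 7.4.5) returns an empty list, which is the fixed state the advisory's ranges imply; a branch listed as "all versions" matches regardless of patch level.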