Fortinet Releases Security Advisory for FortiSwitch

Exploitation of critical vulnerability CVE-2023-37936 could allow an unauthenticated attacker to perform RCE

Threat ID:: CC-4605
Threat Severity:: Medium
Published:: 15 January 2025 2:22 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Exploitation of critical vulnerability CVE-2023-37936 could allow an unauthenticated attacker to perform RCE

Affected platforms

The following platforms are known to be affected:

Fortinet FortiSwitch

7.4.0
7.2.0 to 7.2.5
7.0.0 to 7.0.7
6.4.0 to 6.4.13
6.2.0 to 6.2.7
6.0.0 to 6.0.7

Threat details

Introduction

Fortinet has released a security advisory to address a critical vulnerability in FortiSwitch. FortiSwitch is Fortinet's scalable network switch solution that integrates with existing Fortinet infrastructure.

CVE-2023-37936 is a 'hard-coded cryptographic key' vulnerability with a CVSSv3 score of 9.6. A remote, unauthenticated attacker in possession of the cryptographic key could perform remote code execution (RCE).

Remediation advice

Affected organisations are encouraged to review the Fortinet PSIRT FG-IR-23-260 and apply the relevant updates as soon as practicable.

Definitive source of threat updates

https://fortiguard.fortinet.com/psirt/FG-IR-23-260

CVE Vulnerabilities

Status Published

CVE-2023-37936

A use of hard-coded cryptographic key in Fortinet FortiSwitch version 7.4.0 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.7 and 6.4.0 through 6.4.13 and 6.2.0 through 6.2.7 and 6.0.0 through 6.0.7 allows attacker to execute unauthorized code or commands via crafted requests.

Last edited: 15 January 2025 2:22 pm