CVE-2023-41842 : A use of externally-controlled format string vulnerability [CWE-134] in Fortinet

A use of externally-controlled format string vulnerability [CWE-134] in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData before 7.2.5 and Fortinet FortiPortal version 6.0 all versions and version 5.3 all versions allows a privileged attacker to execute unauthorized code or commands via specially crafted command arguments.

Published 2024-03-12 15:15:46

Updated 2024-03-21 21:04:13

Source Fortinet, Inc.

View at NVD, CVE.org

Vulnerability category: Overflow

Products affected by CVE-2023-41842

Fortinet » Fortiportal
Versions from including (>=) 5.3.0 and up to, including, (<=) 6.0.14
cpe:2.3:a:fortinet:fortiportal:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortimanager
Versions from including (>=) 7.2.0 and before (<) 7.2.4
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortimanager
Versions from including (>=) 7.4.0 and before (<) 7.4.2
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortimanager
Versions from including (>=) 6.2.0 and before (<) 7.0.10
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer
Versions from including (>=) 6.2.0 and before (<) 7.0.10
cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer
Versions from including (>=) 7.2.0 and before (<) 7.2.4
cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer
Versions from including (>=) 7.4.0 and before (<) 7.4.2
cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer Bigdata
Versions from including (>=) 6.4.5 and up to, including, (<=) 6.4.7
cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer Bigdata
Versions from including (>=) 7.0.1 and up to, including, (<=) 7.0.6
cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer Bigdata
Versions from including (>=) 7.2.0 and before (<) 7.2.6
cpe:2.3:a:fortinet:fortianalyzer_bigdata:*:*:*:*:*:*:*:*
Matching versions
Fortinet » Fortianalyzer Bigdata » Version: 6.2.5
cpe:2.3:a:fortinet:fortianalyzer_bigdata:6.2.5:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2023-41842

EPSS FAQ

0.05%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 13 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2023-41842

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	NIST	2024-03-21
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High
6.7	MEDIUM	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H	0.8	5.9	Fortinet, Inc.	2024-03-12
Attack Vector: Local Attack Complexity: Low Privileges Required: High User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2023-41842

CWE-134 Use of Externally-Controlled Format String

The product uses a function that accepts a format string as an argument, but the format string originates from an external source.

Assigned by: psirt@fortinet.com (Primary)

References for CVE-2023-41842

https://fortiguard.com/psirt/FG-IR-23-304

PSIRT | FortiGuard
Vendor Advisory

Jump to

Vulnerability Details : CVE-2023-41842

Products affected by CVE-2023-41842

Exploit prediction scoring system (EPSS) score for CVE-2023-41842

CVSS scores for CVE-2023-41842

CWE ids for CVE-2023-41842

References for CVE-2023-41842