Fortinet has recently released its May 2023 Monthly PSIRT Advisory Report, which we’ve covered in this detailed report. This report describes newly released security vulnerabilities affecting Fortinet products. We’ve also added a separate table in the report that describes all the products affected by these vulnerabilities.
Through this report, you will understand the severity of each vulnerability, the steps needed to mitigate the risks, and take the necessary actions to enhance the security structure against potential threats.
Summary of May 2023 Monthly PSIRT Advisory Report
The Fortinet report released has the following key points:
- The report listed 9 vulnerabilities, out of which none are critical, 2 are classified as High, 2 as Low, and 5 are classified as Medium.
- The products affected by these 9 vulnerabilities include FortiADC, FortiOS, FortiProxy, and FortiNAC.
- The fix for these vulnerabilities includes upgrading to the latest product version from the existing one.
Vulnerabilities by Category
The May 2023 Monthly PSIRT Advisory Report presents 9 vulnerabilities affecting FortiADC, FortiOS, FortiProxy, and FortiNAC. Below is a table giving the overview of each vulnerability type identified in the report:
| Vulnerability Type | Number of Occurrences |
| Command injection | 1 |
| Path traversal | 1 |
| SSH Weak Key Exchange | 1 |
| Stored XSS triggering RCE | 1 |
| Weak authentication mechanism | 1 |
| Weak password hashing | 1 |
| Database hardcoded credentials | 1 |
| Ppen redirect in default Url vulnerability | 1 |
| Out-of-bound-write vulnerability | 1 |
Vulnerabilities by Product
Following is the table with all the products affected by the vulnerabilities
| Fortinet Product | Number of Occurrence |
| FortiADC | 2 |
| FortiOS | 1 |
| FortiProxy | 1 |
| FortiNAC | 1 |
Comprehensive List of Vulnerabilities Patched in May 2023 Monthly PSIRT Advisory Report
| CVE | Title | CVSSv3 Score | Severity | Products Affected | Product Fixed |
| CVE-2023-27999 | FortiADC – Command injection in external resource module | 7.6 | High | FortiADC version 7.2.0FortiADC version 7.1.0 through 7.1.1 | Upgrade to FortiADC version 7.2.1 or aboveUpgrade to FortiADC version 7.1.2 or above |
| CVE-2023-27993 | FortiADC – Path traversal vulnerability in CLI | 5.7 | Medium | FortiADC version 7.2.0FortiADC version 7.1.0 through 7.1.1FortiADC 7.0 all versionsFortiADC 6.2 all versionsFortiADC 6.1 all versionsFortiADC 6.0 all versionsFortiADC 5.4 all versionsFortiADC 5.3 all versionsFortiADC 5.2 all versions | Upgrade to FortiADC version 7.2.1 or aboveUpgrade to FortiADC version 7.1.2 or above |
| CVE-2023-22637 | FortiNAC – Stored XSS triggering RCE via license key forgery | 5.9 | Medium | FortiNAC-F version 7.2.0FortiNAC version 9.4.0 through 9.4.2FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC-F version 7.2.1 or aboveUpgrade to FortiNAC version 9.4.3 or above |
| CVE-2022-45858 | FortiNAC – SSH Weak Key Exchange Algorithm | 3.8 | Low | At leastFortiNAC-F version 7.2.0FortiNAC version 9.4.0 through 9.4.1FortiNAC version 9.2.0 through 9.2.6FortiNAC version 9.1.0 through 9.1.8FortiNAC version 8.8.0 through 8.8.11FortiNAC version 8.7.0 through 8.7.6 | Upgrade to FortiNAC-F version 7.2.1 or aboveUpgrade to FortiNAC version 9.4.2 or aboveUpgrade to FortiNAC version 9.2.7 or above |
| CVE-2022-45860 | FortiNAC – Weak authentication mechanism on device registration page | 5 | Medium | At leastFortiNAC-F version 7.2.0FortiNAC version 9.4.0 through 9.4.2FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC version 9.4.3 or aboveUpgrade to FortiNAC-F version 7.2.1 or above |
| CVE-2022-45859 | FortiNAC – Weak password hashing method in etc/shadow | 3.9 | Low | At leastFortiNAC-F version 7.2.0FortiNAC version 9.4.0 through 9.4.1FortiNAC version 9.2.0 through 9.2.6FortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC-F version 7.2.1 or aboveUpgrade to FortiNAC version 9.4.2 or aboveUpgrade to FortiNAC version 9.2.7 or aboveAfter the upgrade, the CLI account password should be changed. |
| CVE-2023-26203 | FortiNAC – database hardcoded credentials | 6.1 | Medium | FortiNAC version 9.4.0 through 9.4.2FortiNAC-F version 7.2.0FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC version 9.4.3 or aboveUpgrade to FortiNAC-F version 7.2.1 or above |
| CVE-2022-43950 | FortiNAC – open redirect in defaultUrl parameter | 3.9 | Low | At leastFortiNAC-F version 7.2.0FortiNAC version 9.4.0 through 9.4.1FortiNAC 9.2 all versionsFortiNAC 9.1 all versionsFortiNAC 8.8 all versionsFortiNAC 8.7 all versions | Upgrade to FortiNAC version 9.4.2 or aboveUpgrade to FortiNAC-F version 7.2.1 or above |
| CVE-2023-22640 | FortiOS & FortiProxy – Out-of-bound-write in sslvpnd | 7.1 | High | FortiOS version 7.2.0 through 7.2.3FortiOS version 7.0.0 through 7.0.10FortiOS version 6.4.0 through 6.4.11FortiOS version 6.2.0 through 6.2.13FortiOS 6.0 all versionsFortiProxy version 7.2.0 through 7.2.1FortiProxy version 7.0.0 through 7.0.7FortiProxy all versions 2.0, 1.2, 1.1, 1.0 | Upgrade to FortiOS version 7.4.0 or aboveUpgrade to FortiOS version 7.2.4 or aboveUpgrade to FortiOS version 7.0.11 or aboveUpgrade to FortiOS version 6.4.12 or aboveUpgrade to FortiOS version 6.2.14 or aboveUpgrade to FortiProxy version 7.2.2 or aboveUpgrade to FortiProxy version 7.0.8 or above |