Format String Bug in Fclicense daemon
Summary
A use of externally-controlled format string vulnerability [CWE-134] in the Fclicense daemon of FortiOS may allow a remote authenticated attacker to execute arbitrary code or commands via specially crafted requests.
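The advisory does not say which call in the Fclicense daemon is affected, so the following is an added, generic illustration of CWE-134 written for this page (not Fortinet code and not taken from FortiOS): a string received from a remote peer is passed to a printf-family function as the format argument itself, next to the hardened form where the format is a constant and the received text is only ever bound to `%s`. The sample string is constructed; it uses `%%`, the one directive whose behaviour is fully defined, so the two shapes can be compared without undefined behaviour. The `#pragma` lines exist only so the vulnerable shape compiles on toolchains that enable `-Werror=format-security` by default; in a real build that warning is exactly the check you want left on.

```c
#include <stdio.h>
#include <string.h>

#define OUT_LEN 64

/* Vulnerable shape (CWE-134): the externally supplied text is the format
 * argument, so every '%' directive in it is interpreted by the C library.
 * gcc/clang report this with -Wformat-security ("format not a string
 * literal and no format arguments"); the pragma suppresses it only so the
 * example builds on distributions that turn that warning into an error. */
#pragma GCC diagnostic push
#pragma GCC diagnostic ignored "-Wformat-security"
#pragma GCC diagnostic ignored "-Wformat-nonliteral"
static int render_vulnerable(char *out, const char *msg)
{
    return snprintf(out, OUT_LEN, msg);
}
#pragma GCC diagnostic pop

/* Hardened shape: a constant format string; the received text is data,
 * bound to %s, and is copied literally whatever characters it contains. */
static int render_fixed(char *out, const char *msg)
{
    return snprintf(out, OUT_LEN, "%s", msg);
}

/* Returns 1 if the rendered output is byte-identical to the input, i.e. the
 * renderer treated the text as data rather than as a format specification. */
static int preserves_input(int (*render)(char *, const char *), const char *msg)
{
    char out[OUT_LEN];
    render(out, msg);
    return strcmp(out, msg) == 0;
}

int main(void)
{
    /* Constructed sample: a license-style status string containing "%%". */
    const char *sample = "status: 100%% valid";

    /* The vulnerable shape collapses "%%" to "%": the peer's bytes changed
     * what was formatted. The fixed shape reproduces the input unchanged. */
    printf("vulnerable preserves input: %d\n", preserves_input(render_vulnerable, sample));
    printf("fixed preserves input:      %d\n", preserves_input(render_fixed, sample));
    return 0;
}
```

The practical takeaway for review and detection is the shape, not the string: any `printf`, `syslog`, `snprintf` or similar call whose format argument is a variable rather than a literal is a finding, and `-Wformat-security` (or `-Werror=format-security`) catches the no-argument case at compile time.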
Affected Products
FortiOS version 7.2.0 through 7.2.4
FortiOS version 7.0.0 through 7.0.11
FortiOS version 6.4.0 through 6.4.12
FortiOS version 6.2.0 through 6.2.14
FortiOS 6.0 all versions
FortiProxy 7.2.0 through 7.2.4
FortiProxy 7.0.0 through 7.0.10
FortiProxy 2.0.0 through 2.0.12
FortiProxy 1.2.0 through 1.2.13
FortiProxy 1.1.0 through 1.1.6
FortiProxy 1.0.0 through 1.0.7
FortiPAM 1.0.0 through 1.0.3
Solutions
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.5 or above
Please upgrade to FortiOS version 7.0.12 or above
Please upgrade to FortiOS version 6.4.13 or above
Please upgrade to FortiOS version 6.2.15 or above
Please upgrade to FortiProxy version 7.2.5 or above
Please upgrade to FortiProxy version 7.0.11 or above
Please upgrade to FortiProxy version 2.0.13 or above
Please upgrade to FortiPAM version 1.1.0 or above
Virtual Patch named "FortiOS.Fclicense.Daemon.Format.String." is available in FMWP db update 23.104
Acknowledgement
Internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security team in the frame of an internal audit of the SSL-VPN component.
Timeline
2023-06-12: Initial publication
2023-11-15: Added IPS package info