CVE-2023-45590: FortiClient Linux Remote Code Execution due to Dangerous Nodejs Configuration

Apr 11, 2024 12:20:51 PM | Digital Hands

An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.

CVE-2023-45590 details

Severity: Critical with a 9.4/10 CVSS score ⚠️

Exploitation Status: No evidence yet of exploitation in the wild

CVE ID: CVE-2023-45590

Impact

Exploitation of vulnerability CVE-2023-45590 could lead to the execution of unauthorized code or commands, and potentially allow an unauthenticated attacker to execute arbitrary code by tricking a FortiClientLinux user into visiting a malicious website.

Recommendation for CVE-2023-45590

Version              | Affected                                  | Remediation
FortiClientLinux 7.2 | 7.2.0                                     | Upgrade to 7.2.1 or above
FortiClientLinux 7.0 | 7.0.3 through 7.0.4, 7.0.6 through 7.0.10 | Upgrade to 7.0.11 or above
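
One way to check a host inventory against the affected ranges in the table above (an added example, not code from Digital Hands or Fortinet). The "host version" inventory format, the hostnames, and the handling of a fourth build-number component are assumptions.

```python
import re

# (lowest affected, highest affected, minimum fixed), copied from the table above.
AFFECTED = [
    ((7, 2, 0), (7, 2, 0), (7, 2, 1)),
    ((7, 0, 3), (7, 0, 4), (7, 0, 11)),
    ((7, 0, 6), (7, 0, 10), (7, 0, 11)),
]

def parse_version(text):
    """Return (major, minor, patch); an assumed 4th build component is ignored."""
    m = re.match(r"^\s*v?(\d+)\.(\d+)\.(\d+)(?:\.\d+)?\s*$", text)
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(g) for g in m.groups())

def check(version):
    """Return the minimum fixed version if the version is listed as affected, else None."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED:
        if low <= v <= high:
            return ".".join(map(str, fixed))
    return None

def triage(inventory):
    """Map host -> verdict for 'host version' lines; blank lines and # comments are skipped."""
    results = {}
    for line in inventory.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) != 2:
            continue
        host, version = fields
        try:
            fixed = check(version)
            results[host] = f"upgrade to {fixed} or above" if fixed else "not listed as affected"
        except ValueError:
            # Never report an unreadable version as safe.
            results[host] = "unparsed, check manually"
    return results

# Constructed sample inventory (hostnames and versions are made up).
SAMPLE = """
dev-01 7.2.0
build-01 7.0.5        # falls in the gap between the two listed 7.0 ranges
build-02 7.0.7.0246
lab-01 7.0.11
lab-02 unknown
"""

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE).items():
        print(f"{host}: {verdict}")
```

Versions the table does not list, such as 7.0.5, are reported as "not listed as affected" rather than as fixed, since the page makes no statement about them.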

 

References

  1. FortiGuard Labs
  2. The Hacker News

What is Digital Hands Doing?

Without any signs of exploitation and the absence of published Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs), Digital Hands remains vigilant in monitoring for any new developments and updates regarding CVE-2023-45590. Stay tuned for further information as we continue to keep a close eye on this topic to ensure the security of FortiClientLinux users.
