CVE-2023-45590: FortiClient Linux Remote Code Execution due to Dangerous Nodejs Configuration

An Improper Control of Generation of Code ('Code Injection') vulnerability [CWE-94] in FortiClientLinux may allow an unauthenticated attacker to execute arbitrary code via tricking a FortiClientLinux user into visiting a malicious website.

CVE-2023-45590 Details

Severity: Critical with a 9.4/10 CVSS score ⚠️

Exploitation Status: No evidence yet of exploitation in the wild

CVE ID: CVE-2023-45590

Impact

Exploitation of CVE-2023-45590 could lead to the execution of unauthorized code or commands: an unauthenticated attacker could execute arbitrary code by tricking a FortiClientLinux user into visiting a malicious website.

Recommendation for CVE-2023-45590

Version               Affected                 Remediation
FortiClientLinux 7.2  7.2.0                    Upgrade to 7.2.1 or above
FortiClientLinux 7.0  7.0.3 through 7.0.4,     Upgrade to 7.0.11 or above
                      7.0.6 through 7.0.10
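As an added example that is not part of the advisory, a small Python checker that classifies an installed FortiClientLinux version string against the affected and remediation versions in the table above. The inventory values are constructed; versions the table does not list (for example 7.0.5, or other release branches) are reported as not listed rather than guessed at.

```python
import re
from typing import Dict, List, Tuple

Version = Tuple[int, int, int]

# Affected versions and remediation as published in the advisory table
# (inclusive lower/upper bounds per range). Anything outside these ranges
# that is below the fix version is reported as "not_listed", not assumed.
ADVISORY: Dict[str, dict] = {
    "7.2": {"affected": [((7, 2, 0), (7, 2, 0))], "fixed": (7, 2, 1)},
    "7.0": {"affected": [((7, 0, 3), (7, 0, 4)), ((7, 0, 6), (7, 0, 10))],
            "fixed": (7, 0, 11)},
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:\.\d+)?$")


def parse_version(text: str) -> Version:
    """Parse 'major.minor.patch'; a trailing build number is ignored."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)))


def assess(text: str) -> dict:
    """Classify one FortiClientLinux version for CVE-2023-45590.

    status: 'affected' (inside a published range), 'fixed' (at or above the
    branch's remediation version) or 'not_listed' (not covered by the table).
    """
    v = parse_version(text)
    entry = ADVISORY.get(f"{v[0]}.{v[1]}")
    if entry is None:
        return {"version": text, "status": "not_listed", "upgrade_to": None}
    if v >= entry["fixed"]:
        return {"version": text, "status": "fixed", "upgrade_to": None}
    for low, high in entry["affected"]:
        if low <= v <= high:
            fixed = ".".join(map(str, entry["fixed"]))
            return {"version": text, "status": "affected", "upgrade_to": fixed}
    return {"version": text, "status": "not_listed", "upgrade_to": None}


def triage(versions: List[str]) -> List[dict]:
    """Assess every version string in an inventory list."""
    return [assess(v) for v in versions]


if __name__ == "__main__":
    # Constructed sample inventory, not real host data.
    for row in triage(["7.2.0", "7.2.1", "7.0.4", "7.0.5", "7.0.10", "7.0.11", "6.4.9"]):
        print(row)
```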

What is Digital Hands Doing?

With no signs of exploitation and no published Tactics, Techniques, and Procedures (TTPs) or Indicators of Compromise (IOCs), Digital Hands remains vigilant in monitoring for any new developments and updates regarding CVE-2023-45590. Stay tuned for further information as we continue to keep a close eye on this topic to ensure the security of FortiClientLinux users.