CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-23113

Critical Severity
Fortinet
SVRS
92/100
CVSSv3
9.8/10
EPSS
0.45024/1

CVE-2024-23113 is a critical format string vulnerability affecting multiple Fortinet products. It allows attackers to execute unauthorized code or commands by sending specially crafted packets. With a SOCRadar Vulnerability Risk Score (SVRS) of 92, this vulnerability is considered critical and demands immediate attention. The vulnerability stems from the use of externally controlled format strings in FortiOS, FortiProxy, FortiPAM, and FortiSwitchManager. Successful exploitation could grant attackers significant control over affected systems. The presence of active exploits and its inclusion in the CISA KEV catalog further highlight the urgency to patch this vulnerability. Given the widespread use of Fortinet products, CVE-2024-23113 poses a significant risk to organizations globally.

TAGS
In The Wild
Exploit Avaliable
CISA KEV
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:N
S:U
C:H
I:H
A:H
PUBLICATION DATE2024-02-15
LAST MODIFIED2024-10-10
Eye Icon
SOCRadar
AI Insight

Description: Information regarding CVE-2024-23113 is currently unavailable. The CVSS score, description, modification, and publication dates are not provided. Additionally, the SOCRadar Vulnerability Risk Score (SVRS) is not available. Therefore, a comprehensive analysis of the cybersecurity implications and mitigation strategies cannot be performed.

Key Insights: Due to the lack of information, it is not possible to extract key insights regarding the cybersecurity implications of CVE-2024-23113.

Mitigation Strategies: Since the details of CVE-2024-23113 are unknown, specific mitigation strategies cannot be recommended.

Additional Information: If users have further inquiries regarding this incident, they can utilize the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

TitleSoftware LinkDate
groshi/CVE-2024-23113-Private-POChttps://github.com/groshi/CVE-2024-23113-Private-POC2024-10-25
labesterOct/CVE-2024-23113https://github.com/labesterOct/CVE-2024-231132024-03-10
Fortinet Multiple Products Format String Vulnerabilityhttps://www.cisa.gov/search?g=CVE-2024-231132024-10-09
XiaomingX/CVE-2024-23113-pochttps://github.com/XiaomingX/CVE-2024-23113-poc2024-11-28
tr1pl3ight/CVE-2024-23113-POChttps://github.com/tr1pl3ight/CVE-2024-23113-POC2024-03-09
nomi-sec/PoC-in-GitHubhttps://github.com/nomi-sec/PoC-in-GitHub2019-12-08
foxymoxxy/CVE-2024-23113-POChttps://github.com/foxymoxxy/CVE-2024-23113-POC2024-03-10
Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

ISC StormCast for Thursday, October 10th, 2024
Dr. Johannes B. Ullrich2024-10-10
ISC StormCast for Thursday, October 10th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Perfctl to Infostealer; Wazuh Malware Distribution; USB Airgab Bridge; Fortigate Vuln ExploitedFrom Perfctl to InfoStealer https://isc.sans.edu/diary/From%20Perfctl%20to%20InfoStealer/31334 Wazuh Abused by Miner Campaign https://securelist.com/miner-campaign-misuses-open-source-siem-agent/114022/ USB Sticks Still Bridge Airgaps https://www.welivesecurity.com/en/eset-research/mind-air-gap-goldenjackal-gooses-government-guardrails/ Fortigate Vulnerability now being exploited <
sans.edu
rss
forum
news
ISC StormCast for Tuesday, October 15th, 2024
Dr. Johannes B. Ullrich2024-10-15
ISC StormCast for Tuesday, October 15th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Blog Phishing; Fortigate Vuln Deep Dive; CLI Entrypoint TakeoverPhishing Page Delivered Through a Blob URL https://isc.sans.edu/diary/Phishing%20Page%20Delivered%20Through%20a%20%20Blob%20URL/31350 Fortinet Fortigate CVE 2024-23113 deep dive https://labs.watchtowr.com/fortinet-fortigate-cve-2024-23113-a-super-complex-vulnerability-in-a-super-secure-appliance-in-2024/ This New Supply Chain Attack Technique Can Trojanize All Your CLI Commands https://checkmarx.com/blog/this-new-supply-chain-attack-technique-can-trojanize-all-your-cli-commands/
sans.edu
rss
forum
news
ISC StormCast for Monday, November 18th, 2024
Dr. Johannes B. Ullrich2024-11-18
ISC StormCast for Monday, November 18th, 2024 | Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. Ancient Vulns; GitHub Impersonations; PaloAlto and Fortinet still not secureAncient TP-Link Backdoor Discovered by Attackers https://isc.sans.edu/diary/Ancient%20TP-Link%20Backdoor%20Discovered%20by%20Attackers/31442 GitHub Projects Targeted with Malicious Commits To Frame Researchers https://www.bleepingcomputer.com/news/security/github-projects-targeted-with-malicious-commits-to-frame-researcher/ PaloAlto and Fortinet Vulnerabilities https://labs.watchtowr.com/hop-skip-fortijump-fortijumphigher-cve-2024-23113-cve-2024-47575/ <a href="https://security.paloaltonetworks.com
sans.edu
rss
forum
news
Update #1: Kritische Sicherheitslücken in Fortinet FortiOS, Updates verfügbar
CERT.at2025-04-01
Update #1: Kritische Sicherheitslücken in Fortinet FortiOS, Updates verfügbar | 09. Februar 2024 Beschreibung Fortinet hat zwei kritische Security Advisories ver&ouml;ffentlicht. Beide Security Advisories behandeln Sicherheitsl&uuml;cken, die es unauthentifizierten Angreifer:innen erlauben, Code auf betroffenen Ger&auml;ten auszuf&uuml;hren. Fortinet gibt bez&uuml;glich einer dieser Sicherheitsl&uuml;cken an, dass diese potentiell bereits aktiv f&uuml;r Angriffe ausgenutzt wird. <div style="margin-left: 20px; border-left: solid black
cve-2024-23113
cve-2024-21762
github
security
Kritische Sicherheitslücke CVE-2024-21762 in Fortinet FortiOS wird aktiv ausgenutzt
CERT.at2025-04-01
Kritische Sicherheitslücke CVE-2024-21762 in Fortinet FortiOS wird aktiv ausgenutzt | In unserer Warnung vom 09. Februar 2024 haben wir bereits &uuml;ber die Sicherheitsl&uuml;cken CVE-2024-21762 und CVE-2024-23113 berichtet und in Folge Besitzer:innen &uuml;ber die f&uuml;r die IP-Adressen hinterlegten Abuse-Kontakten informiert. CVE-2024-21762 wird seit kurzem nun aktiv ausgenutzt. Unauthentifizierte Angreifer:innen k&ouml;nnen auf betroffenen Ger
cve-2024-21762
cve-2024-23113
cyber security
cve
Achieve Efficient Prioritization with Flashpoint’s Enriched Vulnerability Intelligence
Flashpoint2024-12-06
Achieve Efficient Prioritization with Flashpoint’s Enriched Vulnerability Intelligence | In this blog, we show the benefits of leveraging comprehensive vulnerability metadata to identify, prioritize, and quickly remediate the most critical vulnerabilities. The post Achieve Efficient Prioritization with Flashpoint&#8217;s Enriched Vulnerability Intelligence appeared first on Flashpoint.<div class="wp-block
flashpoint-intel.com
rss
forum
news
FOCUS FRIDAY: TPRM INSIGHTS INTO ORACLE WEBLOGIC SERVER AND GITHUB ENTERPRISE VULNERABILITIES
Ferdi Gül2024-12-03
FOCUS FRIDAY: TPRM INSIGHTS INTO ORACLE WEBLOGIC SERVER AND GITHUB ENTERPRISE VULNERABILITIES | Written By: Ferdi Gül This week’s Focus Friday blog highlights two critical vulnerabilities that pose significant risks to third-party ecosystems—CVE-2024-21216 affecting Oracle WebLogic Server and CVE-2024-9487 impacting GitHub Enterprise. These vulnerabilities, involving remote code execution and authentication bypass, respectively, threaten not only the organizations directly utilizing these products but also their entire supply chains. In [&#8230;] The post FOCUS FRIDAY: TPRM INSIGHTS INTO ORACLE WEBLOGIC
normshield.com
rss
forum
news

Social Media

CVE-2024-23113, gravedad critica 9.8, en dispositivos FortiOS, expuestos a ataques de ejecución remota de código (RCE). firm afectados: FortiOS 7.4
0
0
0
🚨 Fortinet CVE-2024-23113 - actively exploited by state-sponsored hackers - is now being exploited by cybercriminals who have reverse-engineered it and are selling access to compromised devices If you haven't patched, restrict port 541 to approved IPs or enforce cert auth. https://t.co/8ay8TnFq1b
0
3
8
CVE-2024-23113 related
0
1
4
87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) https://t.co/lGI7KDiDEi
0
0
0
Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 - watchTowr Labs: https://t.co/oerO6GP8XX
0
1
1
🚨Attention IT pros!🚨 CISA confirms attackers exploit 87,000+ Fortinet devices with known critical flaw CVE-2024-23113. Is your firewall one of them? Secure your perimeter now! #Cybersecurity #ITpractices
0
0
0
CVE-2024-23113 - “let me tell you about this class of vulnerability which will never die..” https://t.co/jDSUzgx0se
0
1
5
How to find 0days in cutting edge next-gen security products: 1- Install Ghidra 2- Read Marco's notes 3- Literally copy-paste instructions and apply them to your favorite expensive appliance firmware. 4- Win bugs like CVE-2024-23113.
0
0
5
Most of these instances are located in Asia (38,719) and North America (21,269). But there are also 16,649 Fortinet systems vulnerable to CVE-2024-23113 in Europe, 1,035 of which are located in Germany. https://t.co/tr6HIEBvEc
0
0
0
Fortinet FortiGate CVE-2024-23113 - A Super Complex Vulnerability In A Super Secure Appliance In 2024 - watchTowr Labs https://t.co/dLU6ktyPYs
0
1
2

Affected Software

Configuration 1
TypeVendorProduct
OSFortinetfortios
OSFortinetfortipam
AppFortinetfortiproxy
AppFortinetfortiswitchmanager

References

ReferenceLink
[email protected]https://fortiguard.com/psirt/FG-IR-24-029

CWE Details

CWE IDCWE NameDescription
CWE-134Use of Externally-Controlled Format StringThe software uses a function that accepts a format string as an argument, but the format string originates from an external source.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence