CVE-2023-25607: 
Fortinet FortiManager vulnerability analysis and mitigation

An improper neutralization of special elements used in an OS Command Injection vulnerability (CVE-2023-25607) was discovered in FortiManager, FortiAnalyzer, and FortiADC management interface. The vulnerability was internally discovered by Wilfried Djettchou of Fortinet Product Security team and initially published on October 10, 2023. The vulnerability affects multiple versions of FortiManager (6.0-7.2.2), FortiAnalyzer (6.0-7.2.2), and FortiADC (6.0-7.1.0) (Fortinet Advisory).

The vulnerability (CWE-78) stems from an unsafe usage of the wordexp function in the GUI component. It received a CVSSv3 Score of 7.4 (High severity). The vulnerability exists in the management interface and can be exploited by an authenticated attacker with at least READ permissions on system settings (Fortinet Advisory, NVD).

If successfully exploited, this vulnerability allows an attacker to execute arbitrary commands on the underlying shell of the affected systems. This could potentially lead to unauthorized code execution and system compromise (Fortinet Advisory).

Fortinet has released patches for affected versions. FortiADC users should upgrade to version 7.1.1 or above for 7.1 branch, and 7.0.4 or above for 7.0 branch. FortiAnalyzer and FortiManager users should upgrade to version 7.2.3 or above for 7.2 branch, 7.0.8 or above for 7.0 branch, and 6.4.12 or above for 6.4 branch. Users of versions 6.2 and 6.0 should migrate to a fixed release (Fortinet Advisory).