CVE-2023-29179: 
FortiOS vulnerability analysis and mitigation

A null pointer dereference vulnerability was discovered in Fortinet FortiOS and FortiProxy that affects multiple versions. The vulnerability (CVE-2023-29179) was identified in FortiOS versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, and FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10. The vulnerability was internally discovered and reported by Gwendal Guégniaud of Fortinet Product Security team during an internal audit of the SSL-VPN component, with initial publication on June 12, 2023 (Fortinet Advisory).

The vulnerability is classified as a NULL pointer dereference (CWE-476) that affects the SSL-VPN daemon via the /proxy endpoint. The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium), with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H. The vulnerability requires authentication and can be triggered through specially crafted HTTP requests to the proxy endpoint (Fortinet Advisory).

When successfully exploited, this vulnerability allows an authenticated attacker to cause a denial of service condition by crashing the SSL-VPN daemon through specially crafted HTTP requests (Fortinet Advisory).

Fortinet has released patches for the affected versions and recommends upgrading to the following versions: FortiOS 7.2.5 or above for 7.2.x, FortiOS 7.0.12 or above for 7.0.x, FortiOS 6.4.13 or above for 6.4.x, FortiProxy 7.2.5 or above for 7.2.x, and FortiProxy 7.0.11 or above for 7.0.x. Users should follow the recommended upgrade path using Fortinet's upgrade tool (Fortinet Advisory).