CVE-2023-36641: 
FortiOS vulnerability analysis and mitigation

CVE-2023-36641 is a numeric truncation error vulnerability discovered in Fortinet's FortiOS and FortiProxy SSL VPN components. The vulnerability was internally discovered by Gwendal Guégniaud of Fortinet Product Security team during an internal audit of the SSL-VPN component. Initially disclosed on November 14, 2023, it affects multiple versions of FortiOS (from 6.0 to 7.4.0) and FortiProxy (from 1.0 to 7.2.4). The vulnerability has been assigned a CVSS v3.1 base score of 6.5 (Medium severity) (Fortinet Advisory).

The vulnerability is characterized as a null pointer dereference [CWE-476] in the SSL VPN component of affected FortiOS and FortiProxy systems. The issue manifests when processing specifically crafted HTTP requests, which can trigger a numeric truncation error in the system. The vulnerability received a CVSS v3.1 vector string of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H, indicating network accessibility, low attack complexity, and requiring low privileges (NVD).

The primary impact of this vulnerability is a Denial of Service (DoS) condition. When successfully exploited, authenticated attackers can cause the affected system to crash, potentially disrupting SSL VPN services and affecting system availability (Fortinet IPS).

Fortinet has released patches for affected versions and recommends upgrading to the following versions: FortiOS 7.4.1 or above for 7.4.x, 7.2.6 or above for 7.2.x, and 7.0.13 or above for 7.0.x. For FortiProxy, upgrade to version 7.2.5 or above for 7.2.x, and 7.0.11 or above for 7.0.x. Users of older versions (FortiOS 6.0-6.4 and FortiProxy 1.0-2.0) should migrate to a fixed release. Additionally, a virtual patch named 'FortiOS.SSL.VPN.CVE-2023-36641.Memory.Corruption' is available in FMWP db update (Fortinet Advisory).