CVE-2023-41679: 
Fortinet FortiManager vulnerability analysis and mitigation

An improper access control vulnerability (CVE-2023-41679) was discovered in the FortiManager management interface. The vulnerability affects multiple versions including FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, and all versions of 6.2 and 6.0. The vulnerability was internally discovered by Wilfried Djettchou of Fortinet Product Security team and was initially published on October 10, 2023 (Fortinet Advisory).

The vulnerability is classified as CWE-284 (Improper Access Control) and received a CVSS v3.1 base score of 9.6 CRITICAL from NVD, while Fortinet assigned it a score of 8.5 HIGH. The vulnerability allows a remote authenticated attacker with at least 'device management' permission on their profile and belonging to a specific ADOM (Administrative Domain) to add and delete CLI scripts on other ADOMs, effectively bypassing intended access controls (NVD Database).

The vulnerability enables unauthorized code execution and commands across different Administrative Domains (ADOMs), potentially compromising the security boundaries between different administrative areas within FortiManager. This could lead to unauthorized configuration changes and potential system compromise across multiple domains (Fortinet Advisory).

Fortinet has released patches to address this vulnerability. Organizations are advised to upgrade to FortiManager version 7.4.0 or above, version 7.2.3 or above, version 7.0.8 or above, or version 6.4.12 or above, depending on their current version (Fortinet Advisory).