PT-2023-2753 · Fortinet · Fortinac-F, Fortinac

Published: 2023-04-13 · Updated: 2023-05-10 · CVE-2023-26203

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

FortiNAC-F version 7.2.0
FortiNAC versions 9.4.2 and below
FortiNAC versions 9.2 and earlier
FortiNAC versions 8.8 and earlier
FortiNAC versions 8.7 and earlier

Description

A use of hard-coded credentials issue may allow an authenticated attacker to access the database via shell commands. This could potentially lead to unauthorized access to protected information by executing commands.

Recommendations

For FortiNAC-F version 7.2.0, update to a version that addresses the hard-coded credentials issue.
For FortiNAC versions 9.4.2 and below, update to a version above 9.4.2 or apply the recommended fix.
For FortiNAC versions 9.2 and earlier, update to a version above 9.2 or apply the recommended fix.
For FortiNAC versions 8.8 and earlier, update to a version above 8.8 or apply the recommended fix.
For FortiNAC versions 8.7 and earlier, update to a version above 8.7 or apply the recommended fix.
As a temporary workaround, consider restricting access to shell commands to minimize the risk of exploitation.

Fix

Using Hardcoded Credentials

Weakness Enumeration

Related Identifiers

BDU:2023-02601
CVE-2023-26203

Affected Products

Fortinac
Fortinac-F