What is CVE-2023-36640?

A medium-severity vulnerability has been identified in Fortinet FortiProxy, FortiPAM, and FortiOS, allowing attackers to execute unauthorized commands. Organizations should prioritize patching to mitigate potential risks.

What is the severity of CVE-2023-36640?

CVE-2023-36640 has a severity rating of MEDIUM with a CVSS base score of 6.7.

CVE-2023-36640 | Medium Vulnerability in Fortinet FortiProxy

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, and FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attackers to execute unauthorized code or commands via specially crafted commands.

This vulnerability is classified as medium severity with a CVSS score of 6.7. The risk to organizations includes potential unauthorized access and control over affected systems, which could lead to broader security implications if left unaddressed.

Organizations should prioritize patching immediately. The vulnerability affects multiple versions of Fortinet products, making it crucial for organizations to review their deployments and apply the necessary updates.

No public exploit has been confirmed, and it is not currently listed in the KEV catalog. However, given the nature of the vulnerability, it is advisable to monitor for any potential exploits that may arise.

Organizations must remain vigilant and proactive in their security posture to mitigate risks associated with such vulnerabilities.

Vulnerability Details

The vulnerability allows attackers to exploit a use of externally-controlled format strings. The primary components affected include Fortinet FortiProxy, FortiPAM, and FortiOS across various versions. The CWE classification for this vulnerability is CWE-134.

The CVSS score of 6.7 indicates a medium severity level, with high impacts on confidentiality, integrity, and availability. The attack vector is local, requiring high privileges, but does not necessitate user interaction.

Technical Analysis

The root cause of this vulnerability lies in the handling of format strings, which can be influenced by external inputs, allowing for unauthorized command execution. The attack complexity is low, with attackers needing high privileges to exploit this vulnerability.

The attack vector is local, meaning the attacker must have some level of access to the system. No user interaction is required for the exploit to succeed. The impacts on confidentiality, integrity, and availability are rated as high, indicating a significant risk.

Risk & Impact Analysis

This vulnerability poses a significant risk to organizations using the affected Fortinet products. Given the high impact on confidentiality, integrity, and availability, the potential for unauthorized access and command execution can lead to severe security incidents.

Organizations should assess the blast radius of this vulnerability, especially in environments where Fortinet products are critical to operations. The urgency of addressing this vulnerability should be high, given the potential for exploitation.

Exploitation Status

Signal	Status
Known Exploit	No
Public PoC	No
Actively Exploited	No
Ransomware Use	No

Affected Versions

The following versions are affected by this vulnerability: FortiProxy 1.0.0 through 1.0.7, 1.1.0 through 1.1.6, 1.2.0 through 1.2.13, 2.0.0 through 2.0.14, 7.0.0 through 7.0.10, 7.2.0 through 7.2.4; FortiPAM 1.0.0 through 1.0.3; and FortiOS 6.0.0 through 6.0.16, 6.2.0 through 6.2.15, 6.4.0 through 6.4.14, 7.0.0 through 7.0.12, and 7.2.0.

Mitigation & Remediation

Organizations should apply available patches for the affected Fortinet products as soon as possible. For those unable to patch immediately, consider implementing workarounds to limit exposure.

For more information on penetration testing services that can help identify and remediate vulnerabilities, organizations can refer to penetration testing solutions.

Detection Guidance

Organizations should monitor logs for unusual command execution patterns and any unauthorized access attempts. Behavioral anomalies in the system should also be tracked as potential indicators of exploitation.

AppSecure Threat Intelligence Insight

This vulnerability highlights the importance of secure coding practices, particularly in handling input from external sources. Organizations should consider implementing robust input validation to mitigate risks associated with format string vulnerabilities.

To learn more about security best practices, organizations can review the following resources: penetration testing methodology, vulnerability management program design, and cloud penetration testing guidelines.

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

CVE ID	Title	Severity	Vulnerability Type	Published
CVE-2025-65418	CVE-2025-65418: High Vulnerability in docuFORM Managed Print Service Client	HIGH	Path Traversal	May 11, 2026
CVE-2025-65417	CVE-2025-65417: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	XSS	May 11, 2026
CVE-2025-65416	CVE-2025-65416: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Unrestricted File Upload	May 11, 2026
CVE-2025-65415	CVE-2025-65415: Medium Vulnerability in docuFORM Managed Print Service Client	MEDIUM	Session Fixation	May 11, 2026
CVE-2025-61314	CVE-2025-61314: High Vulnerability in GmbH Mecury Managed Print Services	HIGH	XSS	May 11, 2026

CVE-2023-36640: Medium Vulnerability in Fortinet FortiProxy