Security Advisories

FSC-2019-3: Unauthenticated Remote Code Execution in F-Secure Internet Gatekeeper

Description

A vulnerability in the web user interface of F-Secure Internet Gatekeeper can lead to remote code execution.

Status: Resolved.

Action required: User action is required; see action below.

Risk level: Critical.


Affected Products

Risk Level (Low/Medium/High/Critical): Critical

  • F-Secure Internet Gatekeeper 5.50 and below
  • F-Secure Internet Gatekeeper Virtual Appliance 5.50 and below

Platforms

All supported platforms for the affected products.

More Information

A vulnerability was discovered in the web user interface of the F-Secure Internet Gatekeeper product. An unauthenticated user can cause a heap overflow by issuing a malformed HTTP request to the web user interface. A successful attack can lead to remote code execution on the F-Secure Internet Gatekeeper server.

This issue and a proof-of-concept exploit were reported privately to F-Secure through our Vulnerability Reward Program. No known attacks have been reported or observed in the wild.

Fix Available

Product: F-Secure Internet Gatekeeper
Versions: 5.40 - 5.50
Fix: Hotfix 8 has been published to fix this vulnerability. Download and instructions at:
https://www.f-secure.com/en/web/business_global/downloads/internet-gatekeeper

Note:
The security hotfix is only released for versions 5.40 - 5.50, as per our Support Policy. Users of older versions are advised to upgrade to a newer version that is still supported with security hotfixes.

Product: F-Secure Internet Gatekeeper Virtual Appliance
Versions: 5.40 - 5.50
Fix: Hotfix 8 has been published to fix this vulnerability. Download and instructions at:
https://www.f-secure.com/en/web/business_global/downloads/internet-gatekeeper

Note:
The security hotfix is only released for FSIGKVA versions 5.40 - 5.50, as per our Support Policy. Users of older versions are advised to upgrade to a newer version that is still supported with security hotfixes.
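The advisory above gives two facts an administrator has to combine when triaging an estate: every version up to and including 5.50 is affected, and Hotfix 8 exists only for 5.40 - 5.50, so anything older must be upgraded rather than patched. The following Python helper, added here as an example and not code from F-Secure or the advisory, encodes that decision for an inventory of hosts. The inventory rows, the hotfix-level field and the assumption that a hotfix level of 8 or higher means Hotfix 8 has been applied are constructed for the example.

```python
"""Triage helper for FSC-2019-3 (added example, not F-Secure code).

Classifies installed F-Secure Internet Gatekeeper versions against the
affected range and the hotfix availability stated in the advisory:
  - versions <= 5.50 are affected
  - Hotfix 8 is available only for 5.40 - 5.50
  - older versions must be upgraded to a supported release
"""
from typing import NamedTuple

AFFECTED_MAX = (5, 50)      # "5.50 and below" is affected
HOTFIX_MIN = (5, 40)        # Hotfix 8 covers 5.40 - 5.50
FIXING_HOTFIX = 8           # assumption: hotfix level >= 8 means Hotfix 8 applied


class Assessment(NamedTuple):
    host: str
    affected: bool
    action: str


def parse_version(text: str) -> tuple:
    """Return (major, minor) from strings like '5.50' or '5.40.2'.

    Only the first two components matter for this advisory; a build
    suffix such as '5.50.7' is still version 5.50.
    """
    parts = text.strip().split(".")
    if len(parts) < 2:
        raise ValueError(f"unrecognised version string: {text!r}")
    return (int(parts[0]), int(parts[1]))


def assess(host: str, version: str, hotfix_level: int = 0) -> Assessment:
    """Decide whether a single host is exposed and what to do about it."""
    v = parse_version(version)
    if v > AFFECTED_MAX:
        # Advisory lists only 5.50 and below; later releases are not affected.
        return Assessment(host, False, "not in affected range")
    if v < HOTFIX_MIN:
        # No hotfix is released for these versions per the Support Policy.
        return Assessment(host, True, "unsupported version: upgrade to 5.40-5.50 and apply Hotfix 8")
    if hotfix_level >= FIXING_HOTFIX:
        return Assessment(host, False, "Hotfix 8 (or later) applied")
    return Assessment(host, True, "apply Hotfix 8")


def triage(inventory) -> list:
    """Run assess() over (host, version, hotfix_level) rows; exposed hosts first."""
    results = [assess(h, v, hf) for h, v, hf in inventory]
    return sorted(results, key=lambda a: not a.affected)


# Constructed sample inventory (host, version, hotfix level); not real hosts.
SAMPLE_INVENTORY = [
    ("gw-01", "5.50", 8),
    ("gw-02", "5.50", 7),
    ("gw-03", "5.40.3", 0),
    ("gw-04", "5.30", 4),
    ("gw-05", "5.60", 0),
]

if __name__ == "__main__":
    for a in triage(SAMPLE_INVENTORY):
        flag = "EXPOSED " if a.affected else "ok      "
        print(f"{flag} {a.host:6} {a.action}")
```

Run as a script it prints one line per host with exposed hosts first; in an automation pipeline the `triage()` result can feed a ticketing or patch-management step directly. The hotfix level is modelled as an integer because the advisory names only "Hotfix 8"; if your inventory records hotfixes differently, adapt the comparison in `assess()`.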


Credits

F-Secure Corporation would like to thank Kevin Joensen for bringing this issue to our attention.

Date Issued: 2019-07-11