A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HFortinet FortiOS
OSFortinet7.0.0 – 7.0.137.4.0 – 7.4.27.2.0 – 7.2.6Fortinet Fortipam
OSFortinet1.2.01.1.0 – 1.1.21.0.0 – 1.0.3Fortinet Fortiproxy
APPFortinet7.2.0 – 7.2.87.4.0 – 7.4.27.0.0 – 7.0.14Fortinet Fortiswitchmanager
APPFortinet7.0.0 – 7.0.37.2.0 – 7.2.3
CISA KEV — detailsi
- Vendori
- Fortinet ↗
- Producti
- Multiple Products
- Added to KEVi
- October 9, 2024
- Remediation deadline (US Federal)i
- October 30, 2024(overdue)
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Related vulnerabilities
Fortinet – Auth Bypass przez FortiCloud SSO w wielu produktach
Fortinet FortiOS/FortiProxy/FortiSwitchManager — Auth Bypass przez SAML
Authentication Bypass w FortiOS i FortiProxy — przejęcie uprawnień super-admin
Out-of-bounds write w Fortinet FortiOS i FortiProxy — RCE bez uwierzytelnienia
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and be...