Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-33505

Summary
Assigner-fortinet
Assigner Org ID-6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At-12 Nov, 2024 | 18:53
Updated At-12 Nov, 2024 | 20:54
Rejected At-
Credits

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specially crafted http requests

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–ĽCommon Vulnerabilities and Exposures (CVE)
cve.org
Assigner:fortinet
Assigner Org ID:6abe59d8-c742-4dff-8ce8-9b0ca1073da8
Published At:12 Nov, 2024 | 18:53
Updated At:12 Nov, 2024 | 20:54
Rejected At:
â–ĽCVE Numbering Authority (CNA)

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specially crafted http requests

Affected Products
Vendor
Fortinet, Inc.Fortinet
Product
FortiAnalyzer
CPEs
  • cpe:2.3:o:fortinet:fortianalyzer:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.15:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.14:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortianalyzer:6.4.0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 7.4.0 through 7.4.2 (semver)
  • From 7.2.0 through 7.2.5 (semver)
  • From 7.0.0 through 7.0.13 (semver)
  • From 6.4.0 through 6.4.15 (semver)
Vendor
Fortinet, Inc.Fortinet
Product
FortiManager
CPEs
  • cpe:2.3:o:fortinet:fortimanager:7.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:7.0.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.15:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.14:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.4.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.13:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.2.0:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.12:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.11:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.10:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.9:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.8:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.7:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.6:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.5:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.3:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.2:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fortinet:fortimanager:6.0.0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • From 7.4.0 through 7.4.2 (semver)
  • From 7.2.0 through 7.2.5 (semver)
  • From 7.0.0 through 7.0.13 (semver)
  • From 6.4.0 through 6.4.15 (semver)
  • From 6.2.0 through 6.2.13 (semver)
  • From 6.0.0 through 6.0.12 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-122Escalation of privilege
Type: CWE
CWE ID: CWE-122
Description: Escalation of privilege
Metrics
VersionBase scoreBase severityVector
3.15.3MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C
Version: 3.1
Base score: 5.3
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:P/RL:U/RC:C
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Please upgrade to FortiAnalyzer version 7.4.3 or above Please upgrade to FortiAnalyzer version 7.2.6 or above Please upgrade to FortiManager version 7.4.3 or above Please upgrade to FortiManager version 7.2.6 or above Please upgrade to FortiAP-U version 7.0.4 or above Please upgrade to FortiClient (all) version 7.4.0 or above Please upgrade to FortiClient (all) version 7.2.5 or above Please upgrade to FortiClient (all) version 7.0.13 or above Please upgrade to FortiManager Cloud version 7.4.3 or above Please upgrade to FortiManager Cloud version 7.2.7 or above Please upgrade to FortiAP version 7.6.0 or above Please upgrade to FortiAP version 7.4.3 or above Please upgrade to FortiClientEMS version 7.2.7 or above Please upgrade to FortiAnalyzer Cloud version 7.4.3 or above Please upgrade to FortiAnalyzer Cloud version 7.2.7 or above

Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://fortiguard.fortinet.com/psirt/FG-IR-24-125
N/A
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-24-125
Resource: N/A
â–ĽAuthorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–ĽNational Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@fortinet.com
Published At:12 Nov, 2024 | 19:15
Updated At:31 Jan, 2025 | 17:41

A heap-based buffer overflow in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specially crafted http requests

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.6MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Primary3.17.3HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 5.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Type: Primary
Version: 3.1
Base score: 7.3
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
CPE Matches
Fortinet, Inc.
fortinet
>>fortianalyzer>>Versions from 6.4.0(inclusive) to 7.2.6(exclusive)
cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortianalyzer>>Versions from 7.4.0(inclusive) to 7.4.3(exclusive)
cpe:2.3:a:fortinet:fortianalyzer:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortimanager>>Versions from 6.0.0(inclusive) to 7.2.7(exclusive)
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortimanager>>Versions from 7.4.0(inclusive) to 7.4.3(exclusive)
cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortimanager_cloud>>Versions from 6.4.1(inclusive) to 7.2.7(exclusive)
cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*
Fortinet, Inc.
fortinet
>>fortimanager_cloud>>Versions from 7.4.1(inclusive) to 7.4.3(exclusive)
cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Secondarypsirt@fortinet.com
CWE-787Primarynvd@nist.gov
CWE ID: CWE-122
Type: Secondary
Source: psirt@fortinet.com
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://fortiguard.fortinet.com/psirt/FG-IR-24-125psirt@fortinet.com
Vendor Advisory
Hyperlink: https://fortiguard.fortinet.com/psirt/FG-IR-24-125
Source: psirt@fortinet.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

129Records found
CVE-2024-35276
Matching Score-10
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-10
Assigner-Fortinet, Inc.
CVSS Score-5||MEDIUM
EPSS-0.08% / 24.14%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:08
Updated-31 Jan, 2025 | 17:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiAnalyzer versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager versions 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiManager Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.11, 6.4.1 through 6.4.7 allows attacker to execute unauthorized code or commands via specially crafted packets.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortianalyzer_cloudfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-55594
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 33.93%
||
7 Day CHG~0.00%
Published-14 Mar, 2025 | 16:25
Updated-14 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-FortiWeb
CWE ID-CWE-228
Improper Handling of Syntactically Invalid Structure
CVE-2024-50563
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.31% / 53.60%
||
7 Day CHG~0.00%
Published-16 Jan, 2025 | 09:16
Updated-24 Sep, 2025 | 15:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A weak authentication in Fortinet FortiManager Cloud, FortiAnalyzer versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, FortiManager versions 7.6.0 through 7.6.1, 7.4.1 through 7.4.3, FortiManager Cloud versions 7.4.1 through 7.4.3 allows attacker to execute unauthorized code or commands via a brute-force attack.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimanager_cloudfortianalyzerfortianalyzer_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-1390
Weak Authentication
CVE-2025-62631
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 18.08%
||
7 Day CHG~0.00%
Published-09 Dec, 2025 | 17:18
Updated-10 Feb, 2026 | 07:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insufficient session expiration vulnerability [CWE-613] vulnerability in Fortinet FortiOS 7.4.0, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions allows attacker to maintain access to network resources via an active SSLVPN session not terminated after a user's password change under particular conditions outside of the attacker's control

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOS
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2021-24012
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.21% / 42.85%
||
7 Day CHG~0.00%
Published-02 Jun, 2021 | 12:42
Updated-25 Oct, 2024 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper following of a certificate's chain of trust vulnerability in FortiGate versions 6.4.0 to 6.4.4 may allow an LDAP user to connect to SSLVPN with any certificate that is signed by a trusted Certificate Authority.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortinet FortiOS
CWE ID-CWE-295
Improper Certificate Validation
CVE-2024-33508
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.9||MEDIUM
EPSS-1.57% / 81.20%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 14:37
Updated-20 Sep, 2024 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper neutralization of special elements used in a command ('Command Injection') vulnerability [CWE-77] in Fortinet FortiClientEMS 7.2.0 through 7.2.4, 7.0.0 through 7.0.12 may allow an unauthenticated attacker to execute limited and temporary operations on the underlying database via crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticlient_enterprise_management_serverFortiClientEMSforticlient_endpoint_management_server
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2021-41025
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-7.3||HIGH
EPSS-0.33% / 55.07%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 18:46
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple vulnerabilities in the authentication mechanism of confd in FortiWeb versions 6.4.1, 6.4.0, 6.3.0 through 6.3.15, 6.2.0 through 6.2.6, 6.1.0 through 6.1.2, 6.0.0 thorugh 6.0.7, including an instance of concurrent execution using shared resource with improper synchronization and one of authentication bypass by capture-replay, may allow a remote unauthenticated attacker to circumvent the authentication process and authenticate as a legitimate cluster peer.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2022-39954
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.06% / 17.29%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.7, FortiNAC version 9.1.0 through 9.1.8, FortiNAC version 8.8.0 through 8.8.11, FortiNAC version 8.7.0 through 8.7.6, FortiNAC version 8.6.0 through 8.6.5, FortiNAC version 8.5.0 through 8.5.4, FortiNAC version 8.3.7 allows attacker to read arbitrary files or trigger a denial of service via specifically crafted XML documents.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortinacfortinac-fFortiNAC
CWE ID-CWE-611
Improper Restriction of XML External Entity Reference
CVE-2023-45582
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.21% / 42.52%
||
7 Day CHG~0.00%
Published-14 Nov, 2023 | 18:05
Updated-30 Aug, 2024 | 18:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper restriction of excessive authentication attempts vulnerability [CWE-307] in FortiMail webmail version 7.2.0 through 7.2.4, 7.0.0 through 7.0.6 and before 6.4.8 may allow an unauthenticated attacker to  perform a brute force attack on the affected endpoints via repeated login attempts.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortimailFortiMail
CWE ID-CWE-307
Improper Restriction of Excessive Authentication Attempts
CVE-2023-42784
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 33.93%
||
7 Day CHG~0.00%
Published-11 Mar, 2025 | 14:54
Updated-22 Jul, 2025 | 21:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper handling of syntactically invalid structure in Fortinet FortiWeb at least verions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-228
Improper Handling of Syntactically Invalid Structure
CVE-2020-29012
Matching Score-8
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-8
Assigner-Fortinet, Inc.
CVSS Score-5.6||MEDIUM
EPSS-0.20% / 42.25%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 10:26
Updated-25 Oct, 2024 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An insufficient session expiration vulnerability in FortiSandbox versions 3.2.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain information about other users configured on the device, should the attacker be able to obtain that session ID (via other, hypothetical attacks)

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisandboxFortinet FortiSandbox
CWE ID-CWE-613
Insufficient Session Expiration
CVE-2022-33871
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.32% / 54.55%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-30306
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.42% / 61.21%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in the CA sign functionality of FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted password.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26112
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.1||HIGH
EPSS-2.87% / 85.96%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 09:15
Updated-25 Oct, 2024 | 13:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities [CWE-121] both in network daemons and in the command line interpreter of FortiWAN before 4.5.9 may allow an unauthenticated attacker to potentially corrupt control data in memory and execute arbitrary code via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwanFortinet FortiWAN
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-26096
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.4||MEDIUM
EPSS-0.53% / 66.44%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 17:57
Updated-25 Oct, 2024 | 13:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisandboxFortinet FortiSandbox
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-57740
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 31.57%
||
7 Day CHG+0.03%
Published-14 Oct, 2025 | 15:22
Updated-14 Jan, 2026 | 09:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Heap-based Buffer Overflow vulnerability [CWE-122] in FortiOS version 7.6.2 and below, version 7.4.7 and below, version 7.2.10 and below, 7.0 all versions, 6.4 all versions; FortiPAM version 1.5.0, version 1.4.2 and below, 1.3 all versions, 1.2 all versions, 1.1 all versions, 1.0 all versions and FortiProxy version 7.6.2 and below, version 7.4.3 and below, 7.2 all versions, 7.0 all versions RDP bookmark connection may allow an authenticated user to execute unauthorized code via crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosfortipamfortiproxyFortiPAMFortiProxyFortiOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-58413
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.9||MEDIUM
EPSS-0.01% / 1.15%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 17:01
Updated-15 Jan, 2026 | 14:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2 all versions, FortiOS 7.0 all versions, FortiOS 6.4 all versions, FortiOS 6.2 all versions, FortiOS 6.0 all versions, FortiSASE 25.3.b allows attacker to execute unauthorized code or commands via specially crafted packets

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortisasefortiosFortiSASEFortiOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22130
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.62% / 69.47%
||
7 Day CHG~0.00%
Published-03 Jun, 2021 | 10:27
Updated-25 Oct, 2024 | 13:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability in FortiProxy physical appliance CLI 2.0.0 to 2.0.1, 1.2.0 to 1.2.9, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 may allow an authenticated, remote attacker to perform a Denial of Service attack by running the `diagnose sys cpuset` with a large cpuset mask value. Fortinet is not aware of any successful exploitation of this vulnerability that would lead to code execution.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyFortinet FortiProxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-35273
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7||HIGH
EPSS-0.15% / 36.34%
||
7 Day CHG~0.00%
Published-14 Jan, 2025 | 14:08
Updated-31 Jan, 2025 | 17:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiManager version 7.4.0 through 7.4.2, FortiAnalyzer version 7.4.0 through 7.4.2 allows attacker to escalation of privilege via specially crafted http requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzerfortianalyzer_cloudfortimanager_cloudfortimanagerFortiManagerFortiAnalyzer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-42789
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-23.64% / 95.86%
||
7 Day CHG~0.00%
Published-12 Mar, 2024 | 15:09
Updated-12 Aug, 2024 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxyFortiPAMfortiosfortipamfortiproxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-31496
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 20.11%
||
7 Day CHG~0.00%
Published-12 Nov, 2024 | 18:53
Updated-21 Jan, 2025 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortianalyzer_big_datafortimanagerfortianalyzerFortiManagerFortiAnalyzer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-48839
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.10% / 28.69%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 17:01
Updated-14 Jan, 2026 | 09:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Out-of-bounds Write vulnerability [CWE-787] in FortiADC 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions may allow an authenticated attacker to execute arbitrary code via specially crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiadcFortiADC
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-46373
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.1||HIGH
EPSS-0.02% / 5.13%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 17:01
Updated-14 Jan, 2026 | 09:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Heap-based Buffer Overflow vulnerability [CWE-122] vulnerability in Fortinet FortiClientWindows 7.4.0 through 7.4.3, FortiClientWindows 7.2.0 through 7.2.8 may allow an authenticated local IPSec user to execute arbitrary code or commands via "fortips_74.sys". The attacker would need to bypass the Windows heap integrity protections

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticlientFortiClientWindows
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-12820
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5.4||MEDIUM
EPSS-4.04% / 88.24%
||
7 Day CHG~0.00%
Published-19 Dec, 2024 | 10:57
Updated-21 Jan, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOS
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-26010
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.23% / 45.70%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:32
Updated-27 Aug, 2025 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiPAM version 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiWeb, FortiAuthenticator, FortiSwitchManager version 7.2.0 through 7.2.3, 7.0.1 through 7.0.3, FortiOS version 7.4.0 through 7.4.3, 7.2.0 through 7.2.7, 7.0.0 through 7.0.14, 6.4.0 through 6.4.15, 6.2.0 through 6.2.16, 6.0.0 through 6.0.18, FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.9, 7.0.0 through 7.0.15, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specially crafted packets.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiswitchmanagerfortiosfortipamfortiproxyFortiOSFortiSwitchManagerFortiProxyFortiPAM
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-23110
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.4||HIGH
EPSS-0.15% / 35.85%
||
7 Day CHG~0.00%
Published-11 Jun, 2024 | 14:31
Updated-23 Aug, 2024 | 02:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOSfortios
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27997
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.2||CRITICAL
EPSS-89.78% / 99.55%
||
7 Day CHG+0.86%
Published-13 Jun, 2023 | 08:41
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-07-04||Apply updates per vendor instructions.

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS version 7.2.4 and below, version 7.0.11 and below, version 6.4.12 and below, version 6.0.16 and below and FortiProxy version 7.2.3 and below, version 7.0.9 and below, version 2.0.12 and below, version 1.2 all versions, version 1.1 all versions SSL-VPN may allow a remote attacker to execute arbitrary code or commands via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosfortigate_6000fortigate_7000FortiOS-6K7KFortiProxyFortiOSFortiOS and FortiProxy SSL-VPN
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-21762
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-92.91% / 99.76%
||
7 Day CHG~0.00%
Published-09 Feb, 2024 | 08:14
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-02-16||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxyfortiproxyfortiosFortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-13383
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-4.3||MEDIUM
EPSS-1.31% / 79.51%
||
7 Day CHG~0.00%
Published-29 May, 2019 | 17:20
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-10||Apply updates per vendor instructions.

A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortinet FortiOS and FortiProxyFortiOS and FortiProxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-44170
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.13% / 32.18%
||
7 Day CHG~0.00%
Published-18 Jul, 2022 | 16:35
Updated-25 Oct, 2024 | 13:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortinet FortiProxy, FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-25602
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.4||HIGH
EPSS-0.11% / 29.84%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb 6.4 all versions, FortiWeb versions 6.3.17 and earlier, FortiWeb versions 6.2.6 and earlier, FortiWeb versions 6.1.2 and earlier, FortiWeb versions 6.0.7 and earlier, FortiWeb versions 5.9.1 and earlier, FortiWeb 5.8 all versions, FortiWeb 5.7 all versions, FortiWeb 5.6 all versions allows attacker to execute unauthorized code or commands via specially crafted command arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-43071
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.48% / 64.57%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 09:18
Updated-25 Oct, 2024 | 13:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-23781
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.1||MEDIUM
EPSS-0.36% / 57.94%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:06
Updated-23 Oct, 2024 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below SAML server configuration may allow an authenticated attacker to achieve arbitrary code execution via specifically crafted XML files.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42756
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-83.17% / 99.24%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 18:05
Updated-23 Oct, 2024 | 14:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflow vulnerabilities [CWE-121] in the proxy daemon of FortiWeb 5.x all versions, 6.0.7 and below, 6.1.2 and below, 6.2.6 and below, 6.3.16 and below, 6.4 all versions may allow an unauthenticated remote attacker to achieve arbitrary code execution via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-42757
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.07% / 22.11%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 11:01
Updated-16 Oct, 2025 | 10:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortivoicefortianalyzerfortiwebfortiportalfortiproxyfortimanagerfortiswitchfortirecorder_firmwarefortios-6k7kfortiadcfortiosfortindrfortimailFortiManagerFortiRecorderFortiPortalFortiSwitchFortiADCFortiVoiceFortiDDoS-FFortiDDoSFortiNDRFortiMailFortiAnalyzerFortiOSFortiProxyFortiWeb
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-22640
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.1||HIGH
EPSS-0.45% / 63.22%
||
7 Day CHG~0.00%
Published-03 May, 2023 | 21:26
Updated-23 Oct, 2024 | 14:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A out-of-bounds write in Fortinet FortiOS version 7.2.0 through 7.2.3, FortiOS version 7.0.0 through 7.0.10, FortiOS version 6.4.0 through 6.4.11, FortiOS version 6.2.0 through 6.2.13, FortiOS all versions 6.0, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7, FortiProxy all versions 2.0, FortiProxy all versions 1.2, FortiProxy all versions 1.1, FortiProxy all versions 1.0 allows an authenticated attacker to execute unauthorized code or commands via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiproxyfortiosFortiOSFortiProxy
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-32756
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.6||CRITICAL
EPSS-33.12% / 96.78%
||
7 Day CHG~0.00%
Published-13 May, 2025 | 14:46
Updated-15 Jan, 2026 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2025-06-04||Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

A stack-based buffer overflow vulnerability [CWE-121] vulnerability in Fortinet FortiCamera 2.1.0 through 2.1.3, FortiCamera 2.0 all versions, FortiCamera 1.1 all versions, FortiMail 7.6.0 through 7.6.2, FortiMail 7.4.0 through 7.4.4, FortiMail 7.2.0 through 7.2.7, FortiMail 7.0.0 through 7.0.8, FortiNDR 7.6.0, FortiNDR 7.4.0 through 7.4.7, FortiNDR 7.2.0 through 7.2.4, FortiNDR 7.0.0 through 7.0.6, FortiRecorder 7.2.0 through 7.2.3, FortiRecorder 7.0.0 through 7.0.5, FortiRecorder 6.4.0 through 6.4.5, FortiVoice 7.2.0, FortiVoice 7.0.0 through 7.0.6, FortiVoice 6.4.0 through 6.4.10 allows a remote unauthenticated attacker to execute arbitrary code or commands via sending HTTP requests with specially crafted hash cookie.

Action-Not Available
Vendor-Fortinet, Inc.
Product-forticamera_firmwarefortivoiceforticamerafortimailfortindrfortirecorderFortiRecorderFortiVoiceFortiMailFortiNDRFortiCameraMultiple Products
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-41017
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.88% / 74.98%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 18:51
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple heap-based buffer overflow vulnerabilities in some web API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow a remote authenticated attacker to execute arbitrary code or commands via specifically crafted HTTP requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-41027
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.3||HIGH
EPSS-0.18% / 39.80%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 12:55
Updated-25 Oct, 2024 | 13:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, allows an authenticated attacker to execute unauthorized code or commands via crafted certificates loaded into the device.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-42475
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-9.3||CRITICAL
EPSS-94.06% / 99.90%
||
7 Day CHG~0.00%
Published-02 Jan, 2023 | 08:18
Updated-24 Oct, 2025 | 12:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-01-03||Apply updates per vendor instructions.

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fpm-7620efortigate-6501f-dcfim-7904efim-7901efim-7910efortigate-7121ffim-7920efortiosfim-7921ffortigate-6500ffpm-7620ffpm-7630efortigate-7060efortiproxyfortigate-7030efortigate-6300ffortigate-6601f-dcfortigate-6601ffortigate-6300f-dcfortigate-7040efim-7941ffortigate-6500f-dcfortigate-6501fFortiOSFortiProxyFortiOS
CWE ID-CWE-197
Numeric Truncation Error
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36179
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8||HIGH
EPSS-0.58% / 68.45%
||
7 Day CHG~0.00%
Published-08 Sep, 2021 | 10:15
Updated-25 Oct, 2024 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.3.14 and below, 6.2.4 and below allows attacker to execute unauthorized code or commands via crafted parameters in CLI command execution

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36186
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.53% / 66.90%
||
7 Day CHG~0.00%
Published-02 Nov, 2021 | 18:35
Updated-25 Oct, 2024 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A stack-based buffer overflow in Fortinet FortiWeb version 6.4.0, version 6.3.15 and below, 6.2.5 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-25249
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-7.4||HIGH
EPSS-0.03% / 7.38%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 16:32
Updated-19 Jan, 2026 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiOS 6.4.0 through 6.4.16, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7.0.5 allows attacker to execute unauthorized code or commands via specially crafted packets

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosfortisasefortiswitchmanagerFortiOSFortiSwitchManager
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-24477
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-4||MEDIUM
EPSS-0.02% / 4.56%
||
7 Day CHG~0.00%
Published-15 Jul, 2025 | 08:14
Updated-10 Feb, 2026 | 08:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability in Fortinet FortiOS 7.6.0 through 7.6.2, FortiOS 7.4.0 through 7.4.7, FortiOS 7.2.4 through 7.2.12 allows an attacker to escalate its privileges via a specially crafted CLI command

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2025-22258
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5.7||MEDIUM
EPSS-0.09% / 24.89%
||
7 Day CHG+0.02%
Published-14 Oct, 2025 | 15:22
Updated-14 Jan, 2026 | 09:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in Fortinet FortiSRA 1.5.0, 1.4.0 through 1.4.2, FortiPAM 1.5.0, 1.4.0 through 1.4.2, 1.3.0 through 1.3.1, 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiProxy 7.6.0 through 7.6.1, 7.4.0 through 7.4.7, FortiOS 7.6.0 through 7.6.2, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.2 through 7.0.16, FortiSwitchManager 7.2.1 through 7.2.5 allows attackers to escalate their privilege via specially crafted http requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiswitchmanagerfortipamfortiosfortisrafortiproxyFortiPAMFortiProxyFortiSwitchManagerFortiSRAFortiOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-24018
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.12% / 31.15%
||
7 Day CHG~0.00%
Published-04 Aug, 2021 | 14:52
Updated-25 Oct, 2024 | 13:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortinet FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36194
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8.8||HIGH
EPSS-0.76% / 72.88%
||
7 Day CHG~0.00%
Published-09 Dec, 2021 | 08:46
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortinet FortiWeb
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36193
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-6.3||MEDIUM
EPSS-0.50% / 65.22%
||
7 Day CHG~0.00%
Published-02 Feb, 2022 | 11:19
Updated-13 Jan, 2026 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple stack-based buffer overflows in the command line interpreter of FortiWeb before 6.4.2 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted commands.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiwebFortiRecorderFortiDDoS-FFortiDDoS-CMFortiMailFortiVoiceFortiNDRFortiADCFortiFoneFortiDDoSFortiWeb
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-36173
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-8||HIGH
EPSS-0.67% / 70.88%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 18:42
Updated-25 Oct, 2024 | 13:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortigate-2600ffortigate-1100efortigate_60ffortigate-200ffortigate_2200efortigate_40ffortigate-600efortigate_1800ffortigate_7121ffortigate_3300efortigate-3500ffortigate_3600efortiosfortigate-400eFortinet FortiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-12819
Matching Score-6
Assigner-Fortinet, Inc.
ShareView Details
Matching Score-6
Assigner-Fortinet, Inc.
CVSS Score-5.4||MEDIUM
EPSS-1.29% / 79.34%
||
7 Day CHG~0.00%
Published-19 Dec, 2024 | 07:40
Updated-21 Jan, 2025 | 20:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context

Action-Not Available
Vendor-Fortinet, Inc.
Product-fortiosFortiOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found