CISA Known Exploited Vulnerability (KEV)
Fortinet FortiOS Out-of-Bound Write Vulnerability
February 9, 2024
February 16, 2024
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Description
A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7 allows attacker to execute unauthorized code or commands via specifically crafted requests
References
Weakness Enumeration
CWE-ID | CWE Name |
---|---|
CWE-787 |
Out-of-bounds Write |