Local Access Control Vulnerability in Fortinet's Wireless Controller Products
CVE-2021-26093

6.5MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortiwlc
Vendor: CVE Published:; 19 December 2024

What is CVE-2021-26093?

CVE-2021-26093 describes a vulnerability within Fortinet's FortiWLC wireless controller software, specifically versions 8.6.0, 8.5.3, and prior releases. This security flaw involves an uninitialized pointer access (CWE-824), which could empower a local and authenticated attacker to execute specially crafted CLI commands. By doing so, the attacker could potentially crash the managed access point, leading to significant disruptions in network reliability and availability. Organizations using impacted versions are strongly advised to assess their vulnerability management protocols and apply recommended patches to safeguard their network environments.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FortiWLC 8.6.0

FortiWLC 8.5.0 <= 8.5.3

FortiWLC 8.4.4 <= 8.4.8

References

https://fortiguard.com/psirt/FG-IR-21-002

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Dec 19, 2024
Vulnerability Reserved
Jan 25, 2021

JSON

Fortinet

What is CVE-2021-26093?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.