Integer Overflow Vulnerability in Fortinet Products
CVE-2021-42755
4.3MEDIUM
Key Information:
- Vendor
Fortinet
- Vendor
- CVE Published:
- 18 July 2022
What is CVE-2021-42755?
An integer overflow vulnerability in several Fortinet products, including FortiSwitch, FortiRecorder, FortiOS, FortiProxy, and FortiVoiceEnterprise, may allow an unauthenticated network-adjacent attacker to exploit the dhcpd daemon, potentially resulting in a denial of service. This could enable attackers to crash the service, disrupting network activities.
Affected Version(s)
Fortinet FortiSwitch, FortiRecorder, FortiVoiceEnterprise, FortiOS, FortiProxy FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10Â and below; FortiOS 7.0.2 and below, 6.4.8Â and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10Â and below