Buffer Overflow Vulnerability in FortiOS Could Lead to Unauthorized Code Execution

CVE-2024-23110

7.8HIGH

Key Information

Vendor: Fortinet
Status: FortiOS
Vendor: CVE Published:; 11 June 2024

Badges

📰 News Worthy

Summary

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands

Affected Version(s)

FortiOS <= 7.4.2

FortiOS <= 7.2.6

FortiOS <= 7.0.13

News Articles

CybersecurityNews

CVE-2024-23110

FortiOS Vulnerability Let Attackers Execute Unauthorized Commands

Fortinet has disclosed multiple stack-based buffer overflow vulnerabilities (CVE-2024-23110) in FortiOS's command line interpreter.

3 months ago

OODA Loop - Intelligence

CVE-2024-23110

Fortinet Patches Code Execution Vulnerability in FortiOS

On Tuesday, Fortinet released patches for multiple vulnerabilities in FortiOS and other products, including several that lead to code execution. The most severe, CVE-2024-23110 (CVSS score of 7.4), involves stack-based buffer overflow issues in the command line interpreter, potentially allowing auth...

3 months ago

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

First article discovered by OODA Loop - Intelligence
Jun 12, 2024
Vulnerability published.
Jun 11, 2024
Vulnerability Reserved.
Jan 11, 2024

Collectors

NVD DatabaseMitre Database2 News Article(s)