Buffer Overflow Vulnerability in FortiOS Could Lead to Unauthorized Code Execution
CVE-2024-23110

7.8HIGH

Key Information:

Vendor
Fortinet
Status
FortiOS
Vendor
CVE Published:
11 June 2024

Badges

πŸ“° News Worthy

Summary

A vulnerability in Fortinet's FortiOS could allow an attacker to exploit a stack-based buffer overflow by sending specially crafted commands to the system. This flaw affects multiple versions of FortiOS and can lead to unauthorized code execution, potentially compromising the integrity and confidentiality of the affected systems. Security measures are essential to mitigate the risks associated with this vulnerability.

Affected Version(s)

FortiOS 7.4.0 <= 7.4.2

FortiOS 7.2.0 <= 7.2.6

FortiOS 7.0.0 <= 7.0.13

News Articles

favicon imageCybersecurityNews

FortiOS Vulnerability Let Attackers Execute Unauthorized Commands

Fortinet has disclosed multiple stack-based buffer overflow vulnerabilities (CVE-2024-23110) in FortiOS's command line interpreter.

7 months ago

favicon imageOODA Loop - Intelligence

Fortinet Patches Code Execution Vulnerability in FortiOS

On Tuesday, Fortinet released patches for multiple vulnerabilities in FortiOS and other products, including several that lead to code execution. The most severe, CVE-2024-23110 (CVSS score of 7.4), involves stack-based buffer overflow issues in the command line interpreter, potentially allowing auth...

7 months ago

References

https://fortiguard.com/psirt/FG-IR-23-460

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ“°

    First article discovered by OODA Loop - Intelligence

  • Vulnerability published

  • Vulnerability Reserved

.