Stack-Buffer Overflow Vulnerability in Fortinet FortiMail CLI
CVE-2024-46663

6.5MEDIUM

Key Information:

Vendor: Fortinet
Status: Fortimail
Vendor: CVE Published:; 11 March 2025

Summary

A stack-buffer overflow vulnerability in Fortinet FortiMail CLI versions 7.6.0 through 7.6.1 and prior to 7.4.3 allows a privileged user to craft specific CLI commands that can lead to the execution of arbitrary code or commands, thereby potentially compromising the security of the affected system.

Affected Version(s)

FortiMail 7.6.0 <= 7.6.1

FortiMail 7.4.0 <= 7.4.3

FortiMail 7.2.0 <= 7.2.7

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-331

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 11, 2025
Vulnerability Reserved
Sep 11, 2024