A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

Threat-Mapped Scoring

Score: 1.8

Priority: P4 - Informational (Low)

• S9 – Sabotage of System/App

EPSS

Score: 0.00078
Percentile: 0.24041

CVSS Scoring

Mapped CWE(s)

• CWE-787 : Out-of-bounds Write

Affected Products

• cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
• cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
• cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*

← Back to Home