CVE-2021-24018

Severity CVSS v4.0:
Pending analysis
Type:
CWE-787 Out-of-bounds Write
Publication date:
04/08/2021
Last modified:
08/08/2023

Description

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

Vulnerable products and versions

| CPE | From | Up to |
| --- | --- | --- |
| cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* | | 6.2.10 (excluding) |
| cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:* | 6.4.0 (including) | 6.4.7 (excluding) |
| cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:* | | |


References to Advisories, Solutions, and Tools