CVE-2020-12819

Summary

A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS6.4.0 <= 6.4.1affected
FortinetFortiOS6.2.0 <= 6.2.4affected
FortinetFortiOS6.0.0 <= 6.0.10affected
FortinetFortiOS5.6.0 <= 5.6.12affected

Weaknesses

  • CWE-122: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References