CVE-2021-43072

Summary

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI execute restore image and execute certificate remote operations with the tFTP protocol.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiAnalyzer7.0.0 <= 7.0.2affected
FortinetFortiAnalyzer6.4.0 <= 6.4.7affected
FortinetFortiAnalyzer6.2.0 <= 6.2.12affected
FortinetFortiAnalyzer6.0.0 <= 6.0.12affected
FortinetFortiAnalyzer5.6.0 <= 5.6.11affected
FortinetFortiManager7.0.0 <= 7.0.2affected
FortinetFortiManager6.4.0 <= 6.4.7affected
FortinetFortiManager6.2.0 <= 6.2.12affected
FortinetFortiManager6.0.0 <= 6.0.12affected
FortinetFortiManager5.6.0 <= 5.6.11affected

Weaknesses

  • CWE-120: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References