CVE-2023-40718

Summary

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.

Affected Software

VendorProductVersion RangeStatus
FortinetIPS Engine7.321affected
FortinetIPS Engine7.166affected
FortinetIPS Engine6.158affected

Weaknesses

  • CWE-436: Improper access control

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References