CVE-2023-46720

Summary

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.7 and 7.0.0 through 7.0.12 and 6.4.6 through 6.4.15 and 6.2.9 through 6.2.16 and 6.0.13 through 6.0.18 allows attacker to execute unauthorized code or commands via specially crafted CLI commands.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS7.4.0 <= 7.4.1affected
FortinetFortiOS7.2.0 <= 7.2.7affected
FortinetFortiOS7.0.0 <= 7.0.12affected
FortinetFortiOS6.4.6 <= 6.4.15affected
FortinetFortiOS6.2.9 <= 6.2.16affected
FortinetFortiOS6.0.13 <= 6.0.18affected

Weaknesses

  • CWE-121: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References