CVE-2024-23110

Summary

A stack-based buffer overflow in Fortinet FortiOS version 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0 all versions allows attacker to execute unauthorized code or commands via specially crafted commands

Affected Software

VendorProductVersion RangeStatus
FortinetFortiOS7.4.0 <= 7.4.2affected
FortinetFortiOS7.2.0 <= 7.2.6affected
FortinetFortiOS7.0.0 <= 7.0.13affected
FortinetFortiOS6.4.0 <= 6.4.14affected
FortinetFortiOS6.2.0 <= 6.2.15affected
FortinetFortiOS6.0.0 <= 6.0.18affected

Weaknesses

  • CWE-121: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References