CVE-2026-22627

Summary

A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet.

Affected Software

VendorProductVersion RangeStatus
FortinetFortiSwitchAXFixed1.0.0 <= 1.0.1affected

Weaknesses

  • CWE-120: Execute unauthorized code or commands

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References