Headline
CVE-2023-29182: Fortiguard
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.
**PSIRT Advisories**
FortiOS - Buffer overflow in execute extender command
Summary
A stack-based buffer overflow vulnerability [CWE-121] in FortiOS may allow a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.
Affected Products
FortiOS version 7.0.0 through 7.0.3
FortiOS 6.4 all versions
FortiOS 6.2 all versions
Solutions
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.0 or above
Please upgrade to FortiOS version 7.0.4 or above
Timeline
2023-07-28: Initial publication