Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-29182: Fortiguard

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.

CVE
#vulnerability#ios#buffer_overflow

** PSIRT Advisories**

FortiOS - Buffer overflow in execute extender command

Summary

A stack-based buffer overflow vulnerability [CWE-121] in FortiOS may allow a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.

Affected Products

FortiOS version 7.0.0 through 7.0.3
FortiOS 6.4 all versions
FortiOS 6.2 all versions

Solutions

Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.0 or above
Please upgrade to FortiOS version 7.0.4 or above

Timeline

2023-07-28: Initial publication

Related news

August Patch Tuesday stops actively exploited attack chain and more

Categories: Exploits and vulnerabilities Categories: News Microsoft has announced patches for 87 vulnerabilities this month, including two that are being actively exploited. (Read more...) The post August Patch Tuesday stops actively exploited attack chain and more appeared first on Malwarebytes Labs.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907