PT-2018-1711 · Fortinet · Fortios

Published: 2018-05-18 · Updated: 2019-10-03 · CVE-2017-14187

CVSS v2.0: 7.2 (High)
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
Fortinet FortiOS versions 5.2 and below
Fortinet FortiOS versions 5.4.0 through 5.4.8
Fortinet FortiOS versions 5.6.0 through 5.6.2
Description: A local privilege escalation and local code execution issue in Fortinet FortiOS allows an attacker to execute unauthorized binary programs contained on a USB drive plugged into a FortiGate. This is achieved by linking the binary program to a command that is allowed to be run by the fnsysctl CLI command. The issue is caused by access control errors in the operating system. An admin user with super admin privileges can exploit this issue to execute arbitrary binaries.
Recommendations: For Fortinet FortiOS versions 5.2 and below, update to a version above 5.2 to resolve the issue. For Fortinet FortiOS versions 5.4.0 through 5.4.8, update to a version above 5.4.8 to resolve the issue. For Fortinet FortiOS versions 5.6.0 through 5.6.2, update to a version above 5.6.2 to resolve the issue. As a temporary workaround, consider restricting access to the fnsysctl CLI command to minimize the risk of exploitation.

Fix

LPE

Improper Privilege Management


Weakness Enumeration

Related Identifiers

BDU:2018-01277
CVE-2017-14187

Affected Products

Fortios