CVE-2018-1352

Name of the Vulnerable Software and Affected Versions FortiOS version 5.6.0

Description The issue is caused by a format string vulnerability in the handling of the username variable when connecting via SSH. This vulnerability may allow a remote attacker to execute unauthorized code or commands, potentially leading to memory corruption.

Recommendations For FortiOS version 5.6.0, consider restricting access to SSH connections until a patch is available. As a temporary workaround, avoid using the username variable in SSH connections to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.