PT-2023-4455 · Fortinet · FortiOS
Published: 2023-08-09 · Updated: 2023-08-23
CVE-2023-29182
CVSS v3.1: 6.7 (Medium)
Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Fortinet FortiOS versions prior to 7.0.3
Description
A stack-based buffer overflow vulnerability in Fortinet FortiOS allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections. This issue is related to reading data beyond the boundaries of a buffer in memory.
Recommendations
For Fortinet FortiOS versions prior to 7.0.3, update to version 7.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the CLI commands to minimize the risk of exploitation. Additionally, ensure that FortiOS stack protections are enabled and properly configured to prevent attackers from evading these protections.
Fix
Stack Overflow
Memory Corruption
Related identifiers
Affected products
FortiOS