CVE-2020-12820

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.0.10 and below FortiOS versions 5.6.12 and below

Description The issue is related to a stack-based buffer overflow in the FortiClient NAC daemon (fcnacd) that can be exploited by a remote attacker authenticated to the SSL VPN. This can potentially allow the attacker to crash the daemon or execute arbitrary code by requesting a large FortiClient file name. There is no known proof of concept code that successfully achieves the execution of arbitrary code.

Recommendations For FortiOS versions 6.0.10 and below, consider updating to a version above 6.0.10 to mitigate the risk. For FortiOS versions 5.6.12 and below, consider updating to a version above 5.6.12 to mitigate the risk. As a temporary workaround, consider restricting access to the FortiClient NAC daemon (fcnacd) to minimize the risk of exploitation. Avoid using large file names in the FortiClient configuration to prevent potential crashes of the daemon.