CVE-2021-36173

Name of the Vulnerable Software and Affected Versions FortiOS versions 6.0.0 through 6.0.13 FortiOS versions 6.2.0 through 6.2.9 FortiOS versions 6.4.0 through 6.4.6 FortiOS versions 7.0.0 through 7.0.1

Description The issue is related to a heap-based buffer overflow in the firmware signature verification function of FortiOS. This overflow can be exploited by an attacker to execute arbitrary code via specially crafted installation images.

Recommendations For FortiOS versions 6.0.0 through 6.0.13, update to a version that fixes the heap-based buffer overflow in the firmware signature verification function. For FortiOS versions 6.2.0 through 6.2.9, update to a version that fixes the heap-based buffer overflow in the firmware signature verification function. For FortiOS versions 6.4.0 through 6.4.6, update to a version that fixes the heap-based buffer overflow in the firmware signature verification function. For FortiOS versions 7.0.0 through 7.0.1, update to a version that fixes the heap-based buffer overflow in the firmware signature verification function. As a temporary workaround, consider restricting the use of the firmware signature verification function until a patch is available.