PT-2021-6889 · Fortinet · FortiOS

Published: 2021-12-07 · Updated: 2025-02-12 · CVE-2021-44168

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
FortiOS versions prior to 7.0.3

Description
A download of code without integrity check vulnerability in the "execute restore src-vis" command may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. Exploitation of this issue has been observed, with indicators of compromise including unexpected files and processes on the FortiGate device, as well as unexpected traffic to command and control servers.

Recommendations
For FortiOS versions prior to 7.0.3, update to version 7.0.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "execute restore src-vis" command to minimize the risk of exploitation. Additionally, validate your systems for indicators of compromise, including unexpected files and processes, and monitor for unexpected traffic to command and control servers.

Related Identifiers

BDU:2022-02441
CVE-2021-44168

Affected Products

FortiOS