PT-2022-3652 · Fortinet · FortiAnalyzer +3

Published 2022-07-05 · Updated 2023-07-27 · CVE-2021-43072

CVSS v2.0: 6.8 (Medium)
Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions

FortiAnalyzer versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below
FortiManager versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below
FortiOS versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x
FortiProxy versions 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x, 1.0.x
Description

A buffer copy without checking the size of input (a 'classic buffer overflow') in the command-line interface (CLI) of the Fortinet products listed above may allow an attacker to execute unauthorized code or commands via crafted CLI operations, specifically execute restore image and execute certificate remote, using the TFTP protocol.
Recommendations

For FortiAnalyzer versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below: update to a version that is not affected by this issue.
For FortiManager versions 7.0.2 and below, 6.4.7 and below, 6.2.9 and below, 6.0.11 and below, 5.6.11 and below: update to a version that is not affected by this issue.
For FortiOS versions 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x: update to a version that is not affected by this issue.
For FortiProxy versions 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x, 1.0.x: update to a version that is not affected by this issue.

As a temporary workaround, consider disabling the execute restore image and execute certificate remote functions until a patch is available. Restrict access to the TFTP protocol to minimize the risk of exploitation.
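The affected-version lists above mix three notations ("7.0.2 and below", "7.0.0 through 7.0.4", "6.0.x"), which is easy to misread when triaging an inventory. The following script is an added example, not code from Positive Technologies or Fortinet: it transcribes the ranges from this advisory into a small spec format and reports which (product, version) pairs need patching. It assumes plain dotted numeric version strings, and it reads "X.Y.Z and below" as scoped to the X.Y branch (so 6.4.8 is not flagged by "7.0.2 and below"), which is the usual reading of Fortinet advisories and is marked as an assumption in the code.

```python
"""Triage an inventory against the affected ranges in this advisory (CVE-2021-43072).

Added example; the range table is transcribed from the advisory text, the
product/version sample at the bottom is constructed.
"""
import re
from typing import List, Tuple

Version = Tuple[int, ...]

# Spec notation used below:
#   "<=7.0.2"     -> "7.0.2 and below"; ASSUMPTION: scoped to the 7.0 branch
#   "7.0.0-7.0.4" -> "7.0.0 through 7.0.4", both ends inclusive
#   "6.0.x"       -> every release on the 6.0 branch
AFFECTED = {
    "FortiAnalyzer": ["<=7.0.2", "<=6.4.7", "<=6.2.9", "<=6.0.11", "<=5.6.11"],
    "FortiManager": ["<=7.0.2", "<=6.4.7", "<=6.2.9", "<=6.0.11", "<=5.6.11"],
    "FortiOS": ["7.0.0-7.0.4", "6.4.0-6.4.8", "6.2.0-6.2.10", "6.0.x"],
    "FortiProxy": ["7.0.0-7.0.3", "2.0.0-2.0.8", "1.2.x", "1.1.x", "1.0.x"],
}

_VERSION_RE = re.compile(r"^\d+(\.\d+)*$")


def parse_version(text: str) -> Version:
    """Turn '7.0.4' into (7, 0, 4); anything that is not dotted digits is rejected."""
    text = text.strip()
    if not _VERSION_RE.match(text):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    return tuple(int(part) for part in text.split("."))


def matches(version: Version, spec: str) -> bool:
    """True if `version` falls inside one affected-range spec."""
    if spec.startswith("<="):
        top = parse_version(spec[2:])
        # ASSUMPTION: "and below" means the same major.minor branch, up to `top`.
        return version[:2] == top[:2] and version <= top
    if spec.endswith(".x"):
        branch = parse_version(spec[:-2])
        return version[:len(branch)] == branch
    low_text, high_text = spec.split("-")
    low, high = parse_version(low_text), parse_version(high_text)
    return low <= version <= high


def is_affected(product: str, version_text: str) -> bool:
    """True if the given product release is inside any affected range."""
    specs = AFFECTED.get(product)
    if specs is None:
        raise KeyError(f"product not covered by this advisory: {product!r}")
    version = parse_version(version_text)
    return any(matches(version, spec) for spec in specs)


def triage(inventory: List[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Return the (product, version) pairs from an inventory that need patching."""
    return [(product, ver) for product, ver in inventory if is_affected(product, ver)]


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = [
        ("FortiOS", "7.0.4"),
        ("FortiOS", "7.0.5"),
        ("FortiOS", "6.0.14"),
        ("FortiManager", "6.4.8"),
        ("FortiProxy", "1.2.3"),
        ("FortiAnalyzer", "7.0.2"),
    ]
    for product, ver in triage(sample):
        print(f"PATCH: {product} {ver}")
```

The branch-scoped reading of "and below" is the one that makes the list self-consistent (6.4.8 is otherwise both "below 7.0.2" and outside "6.4.7 and below"); if your inventory carries releases on branches the advisory does not name at all (for example FortiAnalyzer 5.5.x), treat them as unknown rather than unaffected and confirm against the vendor's PSIRT entry.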

Fix

Weakness Enumeration

Buffer Overflow

Related Identifiers

BDU:2022-04437
CVE-2021-43072

Affected Products

FortiAnalyzer
FortiManager
FortiOS
FortiProxy