CVE-2023-46720

Name of the Vulnerable Software and Affected Versions Fortinet FortiOS versions 6.0.13 through 6.0.18 Fortinet FortiOS versions 6.2.9 through 6.2.16 Fortinet FortiOS versions 6.4.6 through 6.4.15 Fortinet FortiOS versions 7.0.0 through 7.0.12 Fortinet FortiOS versions 7.2.0 through 7.2.7 Fortinet FortiOS versions 7.4.0 through 7.4.1

Description A stack-based buffer overflow in Fortinet FortiOS allows an attacker to execute unauthorized code or commands via specially crafted CLI commands. This issue is related to the command-line interface and may enable an attacker to achieve arbitrary code execution. The exploitation of this issue can allow an attacker to perform unauthorized actions.

Recommendations For Fortinet FortiOS versions 6.0.13 through 6.0.18, update to a version that contains a fix for this issue. For Fortinet FortiOS versions 6.2.9 through 6.2.16, update to a version that contains a fix for this issue. For Fortinet FortiOS versions 6.4.6 through 6.4.15, update to a version that contains a fix for this issue. For Fortinet FortiOS versions 7.0.0 through 7.0.12, update to a version that contains a fix for this issue. For Fortinet FortiOS versions 7.2.0 through 7.2.7, update to a version that contains a fix for this issue. For Fortinet FortiOS versions 7.4.0 through 7.4.1, update to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the command-line interface to minimize the risk of exploitation.