PT-2025-2438 · Fortinet · Fortianalyzer+3
Published: 2025-01-14 · Updated: 2025-01-31 · CVE-2024-35276
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions:
FortiAnalyzer versions 6.4.0 through 6.4.14
FortiAnalyzer versions 7.0.0 through 7.0.12
FortiAnalyzer versions 7.2.0 through 7.2.5
FortiAnalyzer versions 7.4.0 through 7.4.3
FortiAnalyzer Cloud versions 6.4.1 through 6.4.7
FortiAnalyzer Cloud versions 7.0.1 through 7.0.11
FortiAnalyzer Cloud versions 7.2.1 through 7.2.5
FortiAnalyzer Cloud versions 7.4.1 through 7.4.3
FortiManager versions 6.4.0 through 6.4.14
FortiManager versions 7.0.0 through 7.0.12
FortiManager versions 7.2.0 through 7.2.5
FortiManager versions 7.4.0 through 7.4.3
FortiManager Cloud versions 6.4.1 through 6.4.7
FortiManager Cloud versions 7.0.1 through 7.0.11
FortiManager Cloud versions 7.2.1 through 7.2.5
FortiManager Cloud versions 7.4.1 through 7.4.3
Description:
A stack-based buffer overflow allows attackers to execute unauthorized code or commands via specially crafted packets.
Recommendations:
For FortiAnalyzer versions 6.4.0 through 6.4.14, update to a version outside of this range.
For FortiAnalyzer versions 7.0.0 through 7.0.12, update to a version outside of this range.
For FortiAnalyzer versions 7.2.0 through 7.2.5, update to a version outside of this range.
For FortiAnalyzer versions 7.4.0 through 7.4.3, update to a version outside of this range.
For FortiAnalyzer Cloud versions 6.4.1 through 6.4.7, update to a version outside of this range.
For FortiAnalyzer Cloud versions 7.0.1 through 7.0.11, update to a version outside of this range.
For FortiAnalyzer Cloud versions 7.2.1 through 7.2.5, update to a version outside of this range.
For FortiAnalyzer Cloud versions 7.4.1 through 7.4.3, update to a version outside of this range.
For FortiManager versions 6.4.0 through 6.4.14, update to a version outside of this range.
For FortiManager versions 7.0.0 through 7.0.12, update to a version outside of this range.
For FortiManager versions 7.2.0 through 7.2.5, update to a version outside of this range.
For FortiManager versions 7.4.0 through 7.4.3, update to a version outside of this range.
For FortiManager Cloud versions 6.4.1 through 6.4.7, update to a version outside of this range.
For FortiManager Cloud versions 7.0.1 through 7.0.11, update to a version outside of this range.
For FortiManager Cloud versions 7.2.1 through 7.2.5, update to a version outside of this range.
For FortiManager Cloud versions 7.4.1 through 7.4.3, update to a version outside of this range.
As a temporary workaround, consider restricting access to the vulnerable systems until a patch is available.
Fix
Memory Corruption
Stack Overflow
Related Identifiers
Affected Products
Fortianalyzer
Fortianalyzer Cloud
Fortimanager
Fortimanager Cloud