VYPR
Medium severity6.2NVD Advisory· Published May 24, 2018· Updated Jun 17, 2026

CVE-2017-14187

CVE-2017-14187

Description

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy2 versions
    5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below+ 1 more
    • (no CPE)range: 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below
    • (no CPE)range: 5.6.0 to 5.6.2

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.