Unrated severityNVD Advisory· Published Dec 19, 2024· Updated Dec 20, 2024
CVE-2020-12819
CVE-2020-12819
Description
A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.