VYPR
Unrated severityNVD Advisory· Published Dec 19, 2024· Updated Dec 20, 2024

CVE-2020-12820

CVE-2020-12820

Description

Under non-default configuration, a stack-based buffer overflow in FortiOS version 6.0.10 and below, version 5.6.12 and below may allow a remote attacker authenticated to the SSL VPN to crash the FortiClient NAC daemon (fcnacd) and potentially execute arbitrary code via requesting a large FortiClient file name. We are not aware of proof of concept code successfully achieving the latter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1
  • cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
    Range: 6.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.