VYPR
Unrated severityNVD Advisory· Published Dec 8, 2021· Updated Oct 25, 2024

CVE-2021-36173

CVE-2021-36173

Description

A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.

Affected products

2
  • Fortinet/Fortiosllm-fuzzy
    Range: >=6.0.0, <=6.0.13, >=6.2.0, <=6.2.9, >=6.4.0, <=6.4.6, =7.0.0, =7.0.1
  • Fortinet/Fortinetcpe-rescue
    Range: FortiOS 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, 6.0.0 through 6.0.13

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.