VYPR
Unrated severityNVD Advisory· Published Jun 23, 2023· Updated Oct 23, 2024

CVE-2023-33299

CVE-2023-33299

Description

A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.

Affected products

2
  • Fortinet/Fortinac Fllm-fuzzy2 versions
    <7.2.1, <9.4.3, <9.2.8 and all 8.x+ 1 more
    • (no CPE)range: <7.2.1, <9.4.3, <9.2.8 and all 8.x
    • (no CPE)range: 9.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.