VYPR
Unrated severityCISA KEVNVD Advisory· Published Feb 15, 2024· Updated Oct 21, 2025

CVE-2024-23113

CVE-2024-23113

Description

A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted packets.

Affected products

8
  • Fortinet/Fortiswitchmanagerllm-fuzzy2 versions
    >=7.0.0, <=7.0.3 || >=7.2.0, <=7.2.3+ 1 more
    • (no CPE)range: >=7.0.0, <=7.0.3 || >=7.2.0, <=7.2.3
    • (no CPE)range: 7.2.0
  • Fortinet/Fortiproxyllm-fuzzy2 versions
    >=7.0.0, <=7.0.14 || >=7.2.0, <=7.2.8 || >=7.4.0, <=7.4.2+ 1 more
    • (no CPE)range: >=7.0.0, <=7.0.14 || >=7.2.0, <=7.2.8 || >=7.4.0, <=7.4.2
    • (no CPE)range: 7.4.0
  • Fortinet/Fortipamllm-fuzzy2 versions
    1.0.0–1.0.3 || 1.1.0–1.1.2 || =1.2.0+ 1 more
    • (no CPE)range: 1.0.0–1.0.3 || 1.1.0–1.1.2 || =1.2.0
    • (no CPE)range: 1.2.0
  • Fortinet/Fortiosllm-fuzzy2 versions
    >=7.0.0, <=7.0.13 || >=7.2.0, <=7.2.6 || >=7.4.0, <=7.4.2+ 1 more
    • (no CPE)range: >=7.0.0, <=7.0.13 || >=7.2.0, <=7.2.6 || >=7.4.0, <=7.4.2
    • (no CPE)range: 7.4.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.