Description
A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.
CVSS breakdown
CVSS 3.1
Attack Vector
Local
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
Low
Availability
Low
E
Physical
RL
X
RC
Changed
Affected products
- fortinet / Fortinet FortiOSFortiOS 7.0.0, 6.4.6, 6.2.9 – FortiOS 7.0.0, 6.4.6, 6.2.9