CVE-2023-25610

Description

A buffer underwrite ('buffer underflow') vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Physical

Unchanged

Changed

Affected products

fortinet / fortianalyzer7.0.0 – 7.0.0
fortinet / fortianalyzer6.4.11 – 6.4.11
fortinet / fortianalyzer6.4.10 – 6.4.10
fortinet / fortianalyzer6.4.9 – 6.4.9
fortinet / fortianalyzer6.4.8 – 6.4.8
fortinet / fortianalyzer6.4.7 – 6.4.7
fortinet / fortianalyzer6.4.6 – 6.4.6
fortinet / fortianalyzer6.4.5 – 6.4.5
fortinet / fortianalyzer6.4.4 – 6.4.4
fortinet / fortianalyzer6.4.3 – 6.4.3
fortinet / fortianalyzer6.4.2 – 6.4.2
fortinet / fortianalyzer6.4.1 – 6.4.1
fortinet / fortianalyzer6.4.0 – 6.4.0
fortinet / fortianalyzer6.2.10 – 6.2.10
fortinet / fortianalyzer6.2.9 – 6.2.9
fortinet / fortianalyzer7.2.0 – 7.2.0
fortinet / fortianalyzer7.0.4 – 7.0.4
fortinet / fortianalyzer6.2.8 – 6.2.8
fortinet / fortianalyzer6.2.7 – 6.2.7
fortinet / fortianalyzer6.2.6 – 6.2.6
fortinet / fortianalyzer6.2.5 – 6.2.5
fortinet / fortianalyzer6.2.4 – 6.2.4
fortinet / fortianalyzer6.2.3 – 6.2.3
fortinet / fortianalyzer6.2.2 – 6.2.2
fortinet / fortianalyzer6.2.1 – 6.2.1
fortinet / fortianalyzer6.2.0 – 6.2.0
fortinet / fortianalyzer6.0.11 – 6.0.11
fortinet / fortianalyzer6.0.10 – 6.0.10
fortinet / fortianalyzer6.0.9 – 6.0.9
fortinet / fortianalyzer6.0.8 – 6.0.8
fortinet / fortianalyzer6.0.7 – 6.0.7
fortinet / fortianalyzer6.0.6 – 6.0.6
fortinet / fortianalyzer6.0.5 – 6.0.5
fortinet / fortianalyzer6.0.4 – 6.0.4
fortinet / fortianalyzer6.0.3 – 6.0.3
fortinet / fortianalyzer6.0.2 – 6.0.2
fortinet / fortianalyzer6.0.1 – 6.0.1
fortinet / fortianalyzer6.0.0 – 6.0.0
fortinet / fortianalyzer7.0.2 – 7.0.2
fortinet / fortianalyzer7.0.1 – 7.0.1
fortinet / fortianalyzer7.0.3 – 7.0.3
fortinet / fortimanager6.2.5 – 6.2.5
fortinet / fortimanager6.0.1 – 6.0.1
fortinet / fortimanager6.0.2 – 6.0.2
fortinet / fortimanager6.0.3 – 6.0.3
fortinet / fortimanager6.0.4 – 6.0.4
fortinet / fortimanager6.0.5 – 6.0.5
fortinet / fortimanager6.0.6 – 6.0.6
fortinet / fortimanager6.0.7 – 6.0.7
fortinet / fortimanager6.0.8 – 6.0.8
fortinet / fortimanager6.0.9 – 6.0.9
fortinet / fortimanager6.0.10 – 6.0.10
fortinet / fortimanager6.0.11 – 6.0.11
fortinet / fortimanager6.2.4 – 6.2.4
fortinet / fortimanager6.2.0 – 6.2.0
fortinet / fortimanager6.2.1 – 6.2.1
fortinet / fortimanager6.2.2 – 6.2.2
fortinet / fortimanager6.2.3 – 6.2.3
fortinet / fortimanager6.0.0 – 6.0.0
fortinet / fortimanager7.2.0 – 7.2.0
fortinet / fortimanager7.0.4 – 7.0.4
fortinet / fortimanager7.0.3 – 7.0.3
fortinet / fortimanager7.0.2 – 7.0.2
fortinet / fortimanager7.0.1 – 7.0.1
fortinet / fortimanager7.0.0 – 7.0.0
fortinet / fortimanager6.4.11 – 6.4.11
fortinet / fortimanager6.4.10 – 6.4.10
fortinet / fortimanager6.4.9 – 6.4.9
fortinet / fortimanager6.4.8 – 6.4.8
fortinet / fortimanager6.4.7 – 6.4.7
fortinet / fortimanager6.4.6 – 6.4.6
fortinet / fortimanager6.4.5 – 6.4.5
fortinet / fortimanager6.4.4 – 6.4.4
fortinet / fortimanager6.4.3 – 6.4.3
fortinet / fortimanager6.4.2 – 6.4.2
fortinet / fortimanager6.4.1 – 6.4.1
fortinet / fortimanager6.4.0 – 6.4.0
fortinet / fortimanager6.2.10 – 6.2.10
fortinet / fortimanager6.2.9 – 6.2.9
fortinet / fortimanager6.2.8 – 6.2.8
fortinet / fortimanager6.2.7 – 6.2.7
fortinet / fortimanager6.2.6 – 6.2.6
fortinet / FortiOS5.4.5 – 5.4.5
fortinet / FortiOS5.4.4 – 5.4.4
fortinet / FortiOS5.4.3 – 5.4.3
fortinet / FortiOS5.4.2 – 5.4.2
fortinet / FortiOS5.4.1 – 5.4.1
fortinet / FortiOS5.4.0 – 5.4.0
fortinet / FortiOS5.2.15 – 5.2.15
fortinet / FortiOS5.2.14 – 5.2.14
fortinet / FortiOS5.2.13 – 5.2.13
fortinet / FortiOS5.2.12 – 5.2.12
fortinet / FortiOS5.2.11 – 5.2.11
fortinet / FortiOS5.2.10 – 5.2.10
fortinet / FortiOS5.2.9 – 5.2.9
fortinet / FortiOS5.2.8 – 5.2.8
fortinet / FortiOS5.2.7 – 5.2.7
fortinet / FortiOS5.2.6 – 5.2.6
fortinet / FortiOS5.2.5 – 5.2.5
fortinet / FortiOS5.2.4 – 5.2.4
fortinet / FortiOS5.2.3 – 5.2.3
fortinet / FortiOS5.2.2 – 5.2.2
fortinet / FortiOS5.2.1 – 5.2.1
fortinet / FortiOS5.2.0 – 5.2.0
fortinet / FortiOS5.0.14 – 5.0.14
fortinet / FortiOS5.0.13 – 5.0.13
fortinet / FortiOS5.0.12 – 5.0.12
fortinet / FortiOS5.0.11 – 5.0.11
fortinet / FortiOS5.0.10 – 5.0.10
fortinet / FortiOS5.0.9 – 5.0.9
fortinet / FortiOS5.0.8 – 5.0.8
fortinet / FortiOS5.0.6 – 5.0.6
fortinet / FortiOS5.0.5 – 5.0.5
fortinet / FortiOS5.0.4 – 5.0.4
fortinet / FortiOS5.0.3 – 5.0.3
fortinet / FortiOS5.0.2 – 5.0.2
fortinet / FortiOS5.0.1 – 5.0.1
fortinet / FortiOS5.0.0 – 5.0.0
fortinet / FortiOS5.0.7 – 5.0.7
fortinet / FortiOS7.2.3 – 7.2.3
fortinet / FortiOS7.2.2 – 7.2.2
fortinet / FortiOS7.2.1 – 7.2.1
fortinet / FortiOS7.2.0 – 7.2.0
fortinet / FortiOS7.0.9 – 7.0.9
fortinet / FortiOS7.0.8 – 7.0.8
fortinet / FortiOS7.0.7 – 7.0.7
fortinet / FortiOS7.0.6 – 7.0.6
fortinet / FortiOS7.0.5 – 7.0.5
fortinet / FortiOS7.0.4 – 7.0.4
fortinet / FortiOS7.0.3 – 7.0.3
fortinet / FortiOS7.0.2 – 7.0.2
fortinet / FortiOS7.0.1 – 7.0.1
fortinet / FortiOS7.0.0 – 7.0.0
fortinet / FortiOS6.4.11 – 6.4.11
fortinet / FortiOS6.4.10 – 6.4.10
fortinet / FortiOS6.4.9 – 6.4.9
fortinet / FortiOS6.4.8 – 6.4.8
fortinet / FortiOS6.4.7 – 6.4.7
fortinet / FortiOS6.4.6 – 6.4.6
fortinet / FortiOS6.4.5 – 6.4.5
fortinet / FortiOS6.4.4 – 6.4.4
fortinet / FortiOS6.4.3 – 6.4.3
fortinet / FortiOS6.4.2 – 6.4.2
fortinet / FortiOS6.4.1 – 6.4.1
fortinet / FortiOS6.4.0 – 6.4.0
fortinet / FortiOS6.2.12 – 6.2.12
fortinet / FortiOS6.2.11 – 6.2.11
fortinet / FortiOS6.2.10 – 6.2.10
fortinet / FortiOS6.2.9 – 6.2.9
fortinet / FortiOS6.2.8 – 6.2.8
fortinet / FortiOS6.2.7 – 6.2.7
fortinet / FortiOS6.2.6 – 6.2.6
fortinet / FortiOS6.2.5 – 6.2.5
fortinet / FortiOS6.2.4 – 6.2.4
fortinet / FortiOS6.2.3 – 6.2.3
fortinet / FortiOS6.2.2 – 6.2.2
fortinet / FortiOS6.2.1 – 6.2.1
fortinet / FortiOS6.2.0 – 6.2.0
fortinet / FortiOS6.0.18 – 6.0.18
fortinet / FortiOS6.0.17 – 6.0.17
fortinet / FortiOS6.0.16 – 6.0.16
fortinet / FortiOS6.0.15 – 6.0.15
fortinet / FortiOS6.0.14 – 6.0.14
fortinet / FortiOS6.0.13 – 6.0.13
fortinet / FortiOS6.0.12 – 6.0.12
fortinet / FortiOS6.0.11 – 6.0.11
fortinet / FortiOS6.0.10 – 6.0.10
fortinet / FortiOS6.0.9 – 6.0.9
fortinet / FortiOS6.0.8 – 6.0.8
fortinet / FortiOS6.0.7 – 6.0.7
fortinet / FortiOS6.0.6 – 6.0.6
fortinet / FortiOS6.0.5 – 6.0.5
fortinet / FortiOS6.0.4 – 6.0.4
fortinet / FortiOS6.0.3 – 6.0.3
fortinet / FortiOS6.0.2 – 6.0.2
fortinet / FortiOS6.0.1 – 6.0.1
fortinet / FortiOS6.0.0 – 6.0.0
fortinet / FortiOS5.6.14 – 5.6.14
fortinet / FortiOS5.6.13 – 5.6.13
fortinet / FortiOS5.6.12 – 5.6.12
fortinet / FortiOS5.6.11 – 5.6.11
fortinet / FortiOS5.6.10 – 5.6.10
fortinet / FortiOS5.6.9 – 5.6.9
fortinet / FortiOS5.6.8 – 5.6.8
fortinet / FortiOS5.6.7 – 5.6.7
fortinet / FortiOS5.6.6 – 5.6.6
fortinet / FortiOS5.6.5 – 5.6.5
fortinet / FortiOS5.6.4 – 5.6.4
fortinet / FortiOS5.6.3 – 5.6.3
fortinet / FortiOS5.6.2 – 5.6.2
fortinet / FortiOS5.6.1 – 5.6.1
fortinet / FortiOS5.6.0 – 5.6.0
fortinet / FortiOS5.4.13 – 5.4.13
fortinet / FortiOS5.4.12 – 5.4.12
fortinet / FortiOS5.4.11 – 5.4.11
fortinet / FortiOS5.4.10 – 5.4.10
fortinet / FortiOS5.4.9 – 5.4.9
fortinet / FortiOS5.4.8 – 5.4.8
fortinet / FortiOS5.4.7 – 5.4.7
fortinet / FortiOS5.4.6 – 5.4.6
fortinet / FortiOS-6K7K6.4.10 – 6.4.10
fortinet / FortiOS-6K7K6.2.9 – 6.2.12
fortinet / FortiOS-6K7K6.4.2 – 6.4.2
fortinet / FortiOS-6K7K6.4.6 – 6.4.6
fortinet / FortiOS-6K7K6.4.8 – 6.4.8
fortinet / FortiOS-6K7K7.0.5 – 7.0.5
fortinet / FortiOS-6K7K6.0.10 – 6.0.10
fortinet / FortiOS-6K7K6.0.12 – 6.0.18
fortinet / FortiOS-6K7K6.2.4 – 6.2.4
fortinet / FortiOS-6K7K6.2.6 – 6.2.7
fortinet / fortiproxy1.1.0 – 1.1.6
fortinet / fortiproxy1.2.0 – 1.2.13
fortinet / fortiproxy2.0.0 – 2.0.14
fortinet / fortiproxy7.0.0 – 7.0.8
fortinet / fortiproxy7.2.0 – 7.2.2
fortinet / fortiswitchmanager7.2.0 – 7.2.1
fortinet / fortiswitchmanager7.0.0 – 7.0.1
fortinet / fortiweb7.2.0 – 7.2.1
fortinet / fortiweb7.0.0 – 7.0.6
fortinet / fortiweb6.4.0 – 6.4.2
fortinet / fortiweb6.3.0 – 6.3.22
fortinet / fortiweb6.2.0 – 6.2.7
fortinet / fortiweb6.1.0 – 6.1.3

References

VENDOR_ADVISORYhttps://fortiguard.com/psirt/FG-IR-23-001