FortiManager: Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, For…
Summary
A Stack-based Buffer Overflow vulnerability [CWE-121] vulnerability in Fortinet FortiManager 7.4.0 through 7.4.2, FortiManager 7.2.0 through 7.2.10, FortiManager 6.4 all versions may allow a remote unauthenticated attacker to execute unauthorized commands via crafted requests, if the service is enabled. The success of the attack depends on the ability to bypass the stack protection mechanisms.
- FortiManager 7.4: 7.4.0 through 7.4.2
- FortiManager 7.2: 7.2.0 through 7.2.10
- FortiManager 6.4: 6.4 all versions
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
- FortiManager 7.4: 7.4.3
- FortiManager 7.2: 7.2.11
- FortiManager 6.4: migrate to a fixed release
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Mitigation checklist
- Upgrade per the Affected/Solution table: FortiManager 7.4: 7.4.3; FortiManager 7.2: 7.2.11; FortiManager 6.4: migrate to a fixed release.
- config system interfaceedit <portID>set serviceaccess <service>end
- Where <service> is not "fgtupdates".
- https://docs.fortinet.com/document/fortimanager/7.4.2/administration-guide/581288/configure-a-fortimanager-without-internet-connectivity-to-access-a-local-fortimanager-as-fds
Official advisory · high-confidence parse· fetched 7 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.