Vulnerabilities > CVE-2021-24018 - Out-of-bounds Write vulnerability in Fortinet Fortios

CVSS 8.8 - HIGH

Attack vector

ADJACENT_NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

low complexity

fortinet

CWE-787

NVD

Published: 2021-08-04

Updated: 2023-08-08

Summary

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

Vulnerable Configurations

Part	Description	Count
OS	Fortinet Fortinet Fortios 7.0.0 Fortinet Fortios 3.1.0 Fortinet Fortios 3.2.0 Fortinet Fortios 3.3.0 Fortinet Fortios 3.3.3 Fortinet Fortios 3.3.5 Fortinet Fortios 3.3.6 Fortinet Fortios 3.3.7 Fortinet Fortios 3.3.8 Fortinet Fortios 3.3.9 Fortinet Fortios 3.3.10 Fortinet Fortios 3.3.11 Fortinet Fortios 3.3.12 Fortinet Fortios 3.3.13 Fortinet Fortios 3.3.14 Fortinet Fortios 3.4.0 Fortinet Fortios 3.4.1 Fortinet Fortios 3.4.2 Fortinet Fortios 3.4.3 Fortinet Fortios 3.4.4 Fortinet Fortios 3.4.5 Fortinet Fortios 3.5.0 Fortinet Fortios 3.5.1 Fortinet Fortios 3.5.2 Fortinet Fortios 3.5.3 Fortinet Fortios 3.5.4 Fortinet Fortios 3.5.5 Fortinet Fortios 3.5.6 Fortinet Fortios 3.5.7 Fortinet Fortios 3.6.0 Fortinet Fortios 3.6.1 Fortinet Fortios 3.6.2 Fortinet Fortios 3.6.3 Fortinet Fortios 3.6.4 Fortinet Fortios 3.6.5 Fortinet Fortios 3.6.6 Fortinet Fortios 3.7.0 Fortinet Fortios 3.7.1 Fortinet Fortios 3.7.2 Fortinet Fortios 3.7.3 Fortinet Fortios 3.7.4 Fortinet Fortios 3.7.5 Fortinet Fortios 3.7.6 Fortinet Fortios 3.7.7 Fortinet Fortios 3.7.8 Fortinet Fortios 3.7.9 Fortinet Fortios 3.7.10 Fortinet Fortios 4.0.0 Fortinet Fortios 4.0.1 Fortinet Fortios 4.0.2 Fortinet Fortios 4.0.3 Fortinet Fortios 4.0.4 Fortinet Fortios 4.1.0 Fortinet Fortios 4.1.1 Fortinet Fortios 4.1.2 Fortinet Fortios 4.1.3 Fortinet Fortios 4.1.4 Fortinet Fortios 4.1.5 Fortinet Fortios 4.1.6 Fortinet Fortios 4.1.7 Fortinet Fortios 4.1.8 Fortinet Fortios 4.1.9 Fortinet Fortios 4.1.10 Fortinet Fortios 4.1.11 Fortinet Fortios 4.2.0 Fortinet Fortios 4.2.1 Fortinet Fortios 4.2.2 Fortinet Fortios 4.2.3 Fortinet Fortios 4.2.4 Fortinet Fortios 4.2.5 Fortinet Fortios 4.2.6 Fortinet Fortios 4.2.7 Fortinet Fortios 4.2.8 Fortinet Fortios 4.2.9 Fortinet Fortios 4.2.10 Fortinet Fortios 4.2.11 Fortinet Fortios 4.2.12 Fortinet Fortios 4.2.13 Fortinet Fortios 4.2.14 Fortinet Fortios 4.2.15 Fortinet Fortios 4.2.16 Fortinet Fortios 4.3.0 Fortinet Fortios 4.3.1 Fortinet Fortios 4.3.2 Fortinet Fortios 4.3.3 Fortinet Fortios 4.3.4 Fortinet Fortios 4.3.5 Fortinet Fortios 4.3.6 Fortinet Fortios 4.3.7 Fortinet Fortios 4.3.8 Fortinet Fortios 4.3.9 Fortinet Fortios 4.3.10 Fortinet Fortios 4.3.11 Fortinet Fortios 4.3.12 Fortinet Fortios 4.3.13 Fortinet Fortios 4.3.14 Fortinet Fortios 4.3.15 Fortinet Fortios 4.3.16 Fortinet Fortios 4.3.17 Fortinet Fortios 4.3.18 Fortinet Fortios 4.3.19 Fortinet Fortios 5.0 Fortinet Fortios 5.0.0 Fortinet Fortios 5.0.1 Fortinet Fortios 5.0.2 Fortinet Fortios 5.0.3 Fortinet Fortios 5.0.4 Fortinet Fortios 5.0.5 Fortinet Fortios 5.0.6 Fortinet Fortios 5.0.7 Fortinet Fortios 5.0.8 Fortinet Fortios 5.0.9 Fortinet Fortios 5.0.10 Fortinet Fortios 5.0.11 Fortinet Fortios 5.0.12 Fortinet Fortios 5.0.13 Fortinet Fortios 5.0.14 Fortinet Fortios 5.2.0 Fortinet Fortios 5.2.1 Fortinet Fortios 5.2.2 Fortinet Fortios 5.2.3 Fortinet Fortios 5.2.4 Fortinet Fortios 5.2.5 Fortinet Fortios 5.2.6 Fortinet Fortios 5.2.7 Fortinet Fortios 5.2.8 Fortinet Fortios 5.2.9 Fortinet Fortios 5.2.10 Fortinet Fortios 5.2.11 Fortinet Fortios 5.2.12 Fortinet Fortios 5.2.13 Fortinet Fortios 5.2.14 Fortinet Fortios 5.2.15 Fortinet Fortios 5.4 Fortinet Fortios 5.4.0 Fortinet Fortios 5.4.1 Fortinet Fortios 5.4.2 Fortinet Fortios 5.4.3 Fortinet Fortios 5.4.4 Fortinet Fortios 5.4.5 Fortinet Fortios 5.4.6 Fortinet Fortios 5.4.7 Fortinet Fortios 5.4.8 Fortinet Fortios 5.4.9 Fortinet Fortios 5.4.10 Fortinet Fortios 5.4.11 Fortinet Fortios 5.4.12 Fortinet Fortios 5.4.13 Fortinet Fortios 5.6.0 Fortinet Fortios 5.6.1 Fortinet Fortios 5.6.2 Fortinet Fortios 5.6.3 Fortinet Fortios 5.6.4 Fortinet Fortios 5.6.5 Fortinet Fortios 5.6.6 Fortinet Fortios 5.6.7 Fortinet Fortios 5.6.8 Fortinet Fortios 5.6.9 Fortinet Fortios 5.6.10 Fortinet Fortios 5.6.11 Fortinet Fortios 5.6.12 Fortinet Fortios 5.6.13 Fortinet Fortios 5.6.14 Fortinet Fortios 6.0.0 Fortinet Fortios 6.0.1 Fortinet Fortios 6.0.2 Fortinet Fortios 6.0.3 Fortinet Fortios 6.0.4 Fortinet Fortios 6.0.5 Fortinet Fortios 6.0.6 Fortinet Fortios 6.0.7 Fortinet Fortios 6.0.8 Fortinet Fortios 6.0.9 Fortinet Fortios 6.0.10 Fortinet Fortios 6.0.11 Fortinet Fortios 6.0.12 Fortinet Fortios 6.0.13 Fortinet Fortios 6.0.14 Fortinet Fortios 6.0.15 Fortinet Fortios 6.0.16 Fortinet Fortios 6.0.17 Fortinet Fortios 6.2.0 Fortinet Fortios 6.2.1 Fortinet Fortios 6.2.2 Fortinet Fortios 6.2.3 Fortinet Fortios 6.2.4 Fortinet Fortios 6.2.5 Fortinet Fortios 6.2.6 Fortinet Fortios 6.2.7 Fortinet Fortios 6.2.8 Fortinet Fortios 6.2.9 Fortinet Fortios 6.4.0 Fortinet Fortios 6.4.1 Fortinet Fortios 6.4.2 Fortinet Fortios 6.4.3 Fortinet Fortios 6.4.4 Fortinet Fortios 6.4.5 Fortinet Fortios 6.4.6	198

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://fortiguard.com/advisory/FG-IR-21-046