Vulnerabilities > Fortinet > Fortios

DATE CVE VULNERABILITY TITLE RISK
2023-09-01 CVE-2022-22305 Improper Certificate Validation vulnerability in Fortinet products
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.
high complexity
fortinet CWE-295
4.2
2023-08-17 CVE-2023-29182 Out-of-bounds Write vulnerability in Fortinet Fortios
A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiOS before 7.0.3 allows a privileged attacker to execute arbitrary code via specially crafted CLI commands, provided the attacker were able to evade FortiOS stack protections.
local
low complexity
fortinet CWE-787
6.7
2023-07-26 CVE-2023-33308 Out-of-bounds Write vulnerability in Fortinet Fortios and Fortiproxy
A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection.
network
low complexity
fortinet CWE-787
critical
9.8
2023-07-18 CVE-2021-43072 Classic Buffer Overflow vulnerability in Fortinet products
A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiAnalyzer version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiManager version 7.0.2 and below, version 6.4.7 and below, version 6.2.9 and below, version 6.0.11 and below, version 5.6.11 and below, FortiOS version 7.0.0 through 7.0.4, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.x and FortiProxy version 7.0.0 through 7.0.3, 2.0.0 through 2.0.8, 1.2.x, 1.1.x and 1.0.x allows attacker to execute unauthorized code or commands via crafted CLI `execute restore image` and `execute certificate remote` operations with the tFTP protocol.
local
low complexity
fortinet CWE-120
6.7
2023-07-11 CVE-2023-28001 Insufficient Session Expiration vulnerability in Fortinet Fortios
An insufficient session expiration in Fortinet FortiOS 7.0.0 - 7.0.12 and 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via reusing the session of a deleted user in the REST API.
network
low complexity
fortinet CWE-613
critical
9.8
2023-07-11 CVE-2022-22302 Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortiauthenticator and Fortios
A clear text storage of sensitive information (CWE-312) vulnerability in both FortiGate version 6.4.0 through 6.4.1, 6.2.0 through 6.2.9 and 6.0.0 through 6.0.13 and FortiAuthenticator version 5.5.0 and all versions of 6.1 and 6.0 may allow a local unauthorized party to retrieve the Fortinet private keys used to establish secure communication with both Apple Push Notification and Google Cloud Messaging services, via accessing the files on the filesystem.
local
low complexity
fortinet CWE-312
3.3
2023-06-16 CVE-2023-33306 NULL Pointer Dereference vulnerability in Fortinet Fortios and Fortiproxy
A null pointer dereference in Fortinet FortiOS before 7.2.5, before 7.0.11 and before 6.4.13, FortiProxy before 7.2.4 and before 7.0.10 allows attacker to denial of sslvpn service via specifically crafted request in bookmark parameter.
network
low complexity
fortinet CWE-476
6.5
2023-06-16 CVE-2023-33307 NULL Pointer Dereference vulnerability in Fortinet Fortios and Fortiproxy
A null pointer dereference in Fortinet FortiOS before 7.2.5 and before 7.0.11, FortiProxy before 7.2.3 and before 7.0.9 allows attacker to denial of sslvpn service via specifically crafted request in network parameter.
network
low complexity
fortinet CWE-476
6.5
2023-06-13 CVE-2022-41327 Cleartext Transmission of Sensitive Information vulnerability in Fortinet Fortios and Fortiproxy
A cleartext transmission of sensitive information vulnerability [CWE-319] in Fortinet FortiOS version 7.2.0 through 7.2.4, 7.0.0 through 7.0.8, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.8 allows an authenticated attacker with readonly superadmin privileges to intercept traffic in order to obtain other adminstrators cookies via diagnose CLI commands.
local
low complexity
fortinet CWE-319
4.4
2023-06-13 CVE-2022-42474 Path Traversal vulnerability in Fortinet Fortiproxy and Fortiswitchmanager
A relative path traversal vulnerability [CWE-23] in Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.9 and before 6.4.12, FortiProxy version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.7, FortiSwitchManager version 7.2.0 through 7.2.1 and before 7.0.1 allows an privileged attacker to delete arbitrary directories from the filesystem through crafted HTTP requests.
network
low complexity
fortinet CWE-22
2.7