CNNVD-202510-1980 Information
CNNVD ID
CNNVD-202510-1980
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Fortinet FortiSOAR是美国飞塔(Fortinet)公司的一种安全编排、自动化和响应 (SOAR) 解决方案。 Fortinet FortiSOAR存在操作系统命令注入漏洞,该漏洞源于特殊元素中和不当,可能导致本地权限提升。以下版本受到影响:7.6.0版本至7.6.1版本、7.5.0版本至7.5.1版本、7.4所有版本和7.3所有版本。
Description (English)
Fortinet FortiSOAR is a safe arrangement, automation and responsiveness (SOAR) solution for Fortinet. Fortinet FortiSOAR has an operational system command to inject a loophole, which arises from the incompetence of the special elements and may lead to an increase in local privileges. The following versions were affected: 7.6.0 to 7.6.1, 7.5.0 to 7.5.1, all 7.4 and 7.3.
Hazard Level
High
Vulnerability Type
操作系统命令注入
Affected Vendor
飞塔
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-24-412 https://access.redhat.com/security/cve/cve-2024-48891
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-24-412
Share on: