CNNVD-202510-1984 Information
CNNVD ID
CNNVD-202510-1984
Related CVE
- CNNVD Published: 2025-10-14
Description (Chinese)
Fortinet FortiOS是美国飞塔(Fortinet)公司的一套专用于FortiGate网络安全平台上的安全操作系统。该系统为用户提供防火墙、防病毒、IPSec/SSLVPN、Web内容过滤和反垃圾邮件等多种安全功能。 Fortinet FortiOS存在安全漏洞,该漏洞源于栈缓冲区溢出,可能导致执行任意代码。以下版本受到影响:7.4.0版本至7.4.1版本、7.2.0版本至7.2.7版本、7.0.0版本至7.0.12版本、6.4.6版本至6.4.15版本、6.2.9版本至6.2.16版本和6.0.13版本至6.0.18版本。
Description (English)
Fortinet FortiOS is a security operating system dedicated to the FortiGate network security platform of the United States of America. The system provides a wide range of security features for users, including firewalls, anti-virus, IPSEc/SSLVPN, Web content filters and anti-spam. Fortinet FortiOS has a security loophole, which stems from the spilling of the silo buffer zone and could lead to the implementation of any code. The following versions were affected: 7.4.0 to 7.4.1, 7.2.0 to 7.2.7, 7.0.0 to 7.12, 6.4.6 to 6.4.15, 6.2.9 to 6.2.16 and 6.013 to 6.0.18.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
飞塔
Published
2025-10-14
Last Modified
2026-02-24
References
https://fortiguard.fortinet.com/psirt/FG-IR-23-354 https://access.redhat.com/security/cve/cve-2023-46718 https://vigilance.fr/vulnerability/FortiOS-buffer-overflow-via-Fortitoken-Import-Feature-48475
Patch
https://fortiguard.fortinet.com/psirt/FG-IR-23-354
Share on: