Severity Level: Critical
Title:
Critical Stack-Based Buffer Overflow Vulnerability in Fortinet Products
Summary:
A critical stack-based buffer overflow vulnerability (CWE-121) affecting several Fortinet products (FortiVoice, FortiMail, FortiNDR, FortiRecorder, and FortiCamera) has been identified and actively exploited in the wild, specifically targeting FortiVoice systems. The vulnerability allows remote, unauthenticated attackers to execute arbitrary code or system commands through crafted HTTP requests. Fortinet has confirmed in-the-wild exploitation involving system reconnaissance, log wiping, credential harvesting, and malicious file installation.
Recommendations:
• Upgrade immediately to the patched version or migrate to a secure release.
• Disable the HTTP/HTTPS GUI interface until patches are applied.
• Monitor for malicious activity using IoCs and check for the presence of unauthorized files and cron jobs.