Fortinet FortiOS
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*
- 7.6.0
- 7.4.0
- 7.4.1
- 7.4.2
- 7.4.3
- 7.4.4
- 7.4.5
- 7.2.5
- 7.2.6
- 7.2.7
- 7.2.8
- 7.2.9
- 7.2.10
- 7.0.0
- 7.0.1
- 7.0.2
- 7.0.3
- 7.0.4
- 7.0.5
- 7.0.6
- 7.0.7
- 7.0.8
- 7.0.9
- 7.0.10
- 7.0.11
- 7.0.12
- 7.0.13
- 7.0.14
- 7.0.15
- 6.4
A vulnerability that allows local authenticated attackers to execute system commands has been identified in Fortinet FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2.5 through 7.2.10, 7.0.0 through 7.0.15, and all versions of 6.4. It arises from an incorrect provision of specified functionality: crafted CLI commands can bypass the restricted command controls.
Exploitation of this vulnerability could lead to unauthorized execution of system commands, potentially allowing for privilege escalation.
Users can upgrade to FortiOS 7.6.1 or above, FortiOS 7.4.6 or above, FortiOS 7.2.11 or above, FortiOS 7.0.16 or above, or migrate to a fixed release from FortiOS 6.4. Instructions for upgrading are available in the Fortinet Upgrade Tool.
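To triage a fleet against the ranges above, the following added example (not Fortinet's code and not part of the original advisory) classifies FortiOS version strings and names the fixed release for each branch. The host names and inventory are constructed sample data, and the accepted version string format (an optional "v" prefix and trailing text) is an assumption.

```python
# Added example: version ranges are copied from the advisory text above.
# Host names and the inventory below are constructed sample data.
import re

# branch -> (first affected patch, last affected patch, fixed release)
AFFECTED = {
    (7, 6): (0, 0, "7.6.1"),
    (7, 4): (0, 5, "7.4.6"),
    (7, 2): (5, 10, "7.2.11"),
    (7, 0): (0, 15, "7.0.16"),
}
EOL_BRANCHES = {(6, 4)}  # "all versions of 6.4": no in-branch fix is listed


def parse_version(text):
    """Extract (major, minor, patch) from strings like 'v7.2.8' or 'FortiOS 7.4.3'."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch) if patch is not None else None


def assess(version_text):
    """Return (status, action) for one FortiOS version string."""
    major, minor, patch = parse_version(version_text)
    branch = (major, minor)
    if branch in EOL_BRANCHES:
        return "affected", "migrate to a fixed release"
    if branch not in AFFECTED:
        return "not listed", "no action from this advisory"
    first, last, fixed = AFFECTED[branch]
    if patch is None:
        # A bare "7.0" cannot be placed inside or outside the range.
        return "unknown", f"patch level missing; fixed in {fixed}"
    if first <= patch <= last:
        return "affected", f"upgrade to {fixed} or above"
    return "not listed", "no action from this advisory"


if __name__ == "__main__":
    inventory = {  # constructed sample inventory
        "fw-edge-01": "v7.2.8", "fw-edge-02": "v7.2.4",
        "fw-core-01": "FortiOS v7.4.6", "fw-lab-01": "6.4.14", "fw-dc-01": "7.0",
    }
    for host, ver in inventory.items():
        status, action = assess(ver)
        print(f"{host:12} {ver:16} {status:11} {action}")
```

Versions 7.2.0 through 7.2.4 fall outside the ranges this advisory lists, so the check reports them as "not listed" rather than as fixed.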