No. | Title | CVE ID | Severity | Model |
--- | --- | --- | --- | --- |
1 | Missing authentication in fgfmsd | CVE-2024-47575 | Critical | FortiManager |
2 | Buffer overflow in the TFTP client library of the CLI | CVE-2021-42757 | Medium | See below |
3 | Buffer underwrite in firmware verification | CVE-2021-24018 | Medium | See below |
1. Missing authentication in fgfmsd (https://fortiguard.fortinet.com/psirt/FG-IR-24-423)
A missing authentication for critical function vulnerability [CWE-306] in the FortiManager fgfmd daemon may allow a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
Reports indicate that this vulnerability is being exploited in the wild.
Version | Affected | Solution |
--- | --- | --- |
FortiManager 7.6 | 7.6.0 | Upgrade to 7.6.1 or above |
FortiManager 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above |
FortiManager 7.2 | 7.2.0 through 7.2.7 | Upgrade to 7.2.8 or above |
FortiManager 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above |
FortiManager 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
FortiManager 6.2 | 6.2.0 through 6.2.12 | Upgrade to 6.2.13 or above |
FortiManager Cloud 7.6 | Not affected | Not Applicable |
FortiManager Cloud 7.4 | 7.4.1 through 7.4.4 | Upgrade to 7.4.5 or above |
FortiManager Cloud 7.2 | 7.2.1 through 7.2.7 | Upgrade to 7.2.8 or above |
FortiManager Cloud 7.0 | 7.0.1 through 7.0.12 | Upgrade to 7.0.13 or above |
FortiManager Cloud 6.4 | 6.4 all versions | Migrate to a fixed release |
2. Buffer overflow in the TFTP client library of the CLI (https://fortiguard.fortinet.com/psirt/FG-IR-21-173)
A buffer overflow [CWE-121] in the TFTP client library of FortiOS may allow an authenticated local attacker to execute arbitrary code via specially crafted command line arguments.
Version | Affected | Solution |
--- | --- | --- |
FortiADC 7.0 | Not affected | Not Applicable |
FortiADC 6.2 | 6.2.0 through 6.2.2 | Upgrade to 6.2.3 or above |
FortiADC 6.1 | 6.1.0 through 6.1.5 | Upgrade to 6.1.6 or above |
FortiADC 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiADC 5.4 | 5.4 all versions | Migrate to a fixed release |
FortiADC 5.3 | 5.3 all versions | Migrate to a fixed release |
FortiADC 5.2 | 5.2 all versions | Migrate to a fixed release |
FortiADC 5.1 | 5.1 all versions | Migrate to a fixed release |
FortiADC 5.0 | 5.0 all versions | Migrate to a fixed release |
FortiAnalyzer 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
FortiAnalyzer 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
FortiAnalyzer 6.2 | 6.2 all versions | Migrate to a fixed release |
FortiAnalyzer 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiDDoS 5.6 | Not affected | Not Applicable |
FortiDDoS 5.5 | 5.5.0 through 5.5.1 | Upgrade to 5.5.2 or above |
FortiDDoS 5.4 | 5.4 all versions | Migrate to a fixed release |
FortiDDoS 5.3 | 5.3 all versions | Migrate to a fixed release |
FortiDDoS 5.2 | 5.2 all versions | Migrate to a fixed release |
FortiDDoS 5.1 | 5.1 all versions | Migrate to a fixed release |
FortiDDoS 5.0 | 5.0 all versions | Migrate to a fixed release |
FortiDDoS 4.7 | 4.7 all versions | Migrate to a fixed release |
FortiDDoS 4.6 | 4.6 all versions | Migrate to a fixed release |
FortiDDoS 4.5 | 4.5 all versions | Migrate to a fixed release |
FortiDDoS 4.4 | 4.4 all versions | Migrate to a fixed release |
FortiDDoS-F 6.4 | 6.4.0 through 6.4.1 | Upgrade to 6.4.2 or above |
FortiDDoS-F 6.3 | 6.3.0 | Upgrade to 6.3.1 or above |
FortiDDoS-F 6.2 | 6.2.0 through 6.2.2 | Upgrade to 6.2.3 or above |
FortiDDoS-F 6.1 | 6.1.0 through 6.1.4 | Upgrade to 6.1.5 or above |
FortiMail 7.2 | Not affected | Not Applicable |
FortiMail 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
FortiMail 6.4 | 6.4.0 through 6.4.6 | Upgrade to 6.4.7 or above |
FortiMail 6.2 | 6.2.0 through 6.2.7 | Migrate to a fixed release |
FortiMail 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiMail 5.4 | 5.4 all versions | Migrate to a fixed release |
FortiManager 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
FortiManager 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
FortiManager 6.2 | 6.2 all versions | Migrate to a fixed release |
FortiManager 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiNDR 7.0 | Not affected | Not Applicable |
FortiNDR 1.5 | 1.5.0 through 1.5.2 | Migrate to a fixed release |
FortiNDR 1.4 | 1.4 all versions | Migrate to a fixed release |
FortiNDR 1.3 | 1.3 all versions | Migrate to a fixed release |
FortiNDR 1.2 | 1.2 all versions | Migrate to a fixed release |
FortiNDR 1.1 | 1.1 all versions | Migrate to a fixed release |
FortiOS 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
FortiOS 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
FortiOS 6.2 | 6.2.0 through 6.2.9 | Upgrade to 6.2.10 or above |
FortiOS 6.0 | 6.0.0 through 6.0.13 | Upgrade to 6.0.14 or above |
FortiOS 5.6 | 5.6 all versions | Migrate to a fixed release |
FortiOS 5.4 | 5.4 all versions | Migrate to a fixed release |
FortiOS 5.2 | 5.2 all versions | Migrate to a fixed release |
FortiOS 5.0 | 5.0 all versions | Migrate to a fixed release |
FortiOS-6K7K 6.4 | 6.4.6 | Upgrade to 6.4.8 or above |
FortiOS-6K7K 6.4 | 6.4.2 | Upgrade to 6.4.8 or above |
FortiOS-6K7K 6.2 | 6.2.6 through 6.2.7 | Upgrade to 6.2.9 or above |
FortiOS-6K7K 6.2 | 6.2.4 | Upgrade to 6.2.9 or above |
FortiOS-6K7K 6.0 | 6.0.12 through 6.0.17 | Migrate to a fixed release |
FortiOS-6K7K 6.0 | 6.0.10 | Migrate to a fixed release |
FortiPortal 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
FortiPortal 5.3 | 5.3 all versions | Migrate to a fixed release |
FortiPortal 5.2 | 5.2 all versions | Migrate to a fixed release |
FortiPortal 5.1 | 5.1 all versions | Migrate to a fixed release |
FortiPortal 5.0 | 5.0 all versions | Migrate to a fixed release |
FortiProxy 7.0 | 7.0.0 through 7.0.1 | Upgrade to 7.0.2 or above |
FortiProxy 2.0 | 2.0.0 through 2.0.7 | Upgrade to 2.0.8 or above |
FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
FortiRecorder 7.0 | Not affected | Not Applicable |
FortiRecorder 6.4 | 6.4.0 through 6.4.2 | Upgrade to 6.4.3 or above |
FortiRecorder 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
FortiRecorder 2.7 | 2.7.0 through 2.7.7 | Upgrade to 2.7.8 or above |
FortiRecorder 2.6 | 2.6 all versions | Migrate to a fixed release |
FortiSwitch 7.2 | Not affected | Not Applicable |
FortiSwitch 7.0 | 7.0.0 through 7.0.3 | Upgrade to 7.0.4 or above |
FortiSwitch 6.4 | 6.4.0 through 6.4.9 | Upgrade to 6.4.10 or above |
FortiSwitch 6.2 | 6.2.0 through 6.2.7 | Migrate to a fixed release |
FortiSwitch 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiVoice 6.4 | 6.4.0 through 6.4.4 | Upgrade to 6.4.5 or above |
FortiVoice 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
FortiWeb 7.0 | Not affected | Not Applicable |
FortiWeb 6.4 | 6.4.0 through 6.4.1 | Upgrade to 6.4.2 or above |
FortiWeb 6.3 | 6.3.0 through 6.3.16 | Upgrade to 6.3.17 or above |
FortiWeb 6.2 | 6.2 all versions | Migrate to a fixed release |
FortiWeb 6.1 | 6.1 all versions | Migrate to a fixed release |
FortiWeb 6.0 | 6.0 all versions | Migrate to a fixed release |
FortiWeb 5.9 | 5.9 all versions | Migrate to a fixed release |
FortiWeb 5.8 | 5.8 all versions | Migrate to a fixed release |
FortiWeb 5.7 | 5.7 all versions | Migrate to a fixed release |
FortiWeb 5.6 | 5.6 all versions | Migrate to a fixed release |
FortiWeb 5.5 | 5.5 all versions | Migrate to a fixed release |
FortiWeb 5.4 | 5.4 all versions | Migrate to a fixed release |
FortiWeb 5.3 | 5.3 all versions | Migrate to a fixed release |
FortiWeb 5.2 | 5.2 all versions | Migrate to a fixed release |
FortiWeb 5.1 | 5.1 all versions | Migrate to a fixed release |
FortiWeb 5.0 | 5.0 all versions | Migrate to a fixed release |
3. Buffer underwrite in firmware verification (https://fortiguard.fortinet.com/psirt/FG-IR-21-046)
A buffer underwrite (CWE-124) vulnerability in the firmware verification routine of FortiWeb, FortiOS, FortiSwitch, FortiADC, FortiAI, FortiManager, FortiAnalyzer and FortiProxy may allow an attacker on the adjacent network to potentially execute arbitrary code via a specially crafted firmware image.
Affected Products |
--- |
FortiOS version 7.0.0 |
FortiOS version 6.4.0 through 6.4.6 |
FortiOS version 6.2.0 through 6.2.9 |
FortiOS version 6.0.0 through 6.0.13 |
FortiOS 5.6 all versions |
FortiOS 5.4 all versions |
FortiOS 5.2 all versions |
FortiOS 5.0 all versions |
FortiNDR 1.5 all versions |
FortiNDR 1.4 all versions |
FortiNDR 1.3 all versions |
FortiNDR 1.2 all versions |
FortiNDR 1.1 all versions |
FortiProxy version 7.0.0 |
FortiProxy 2.0 all versions |
FortiProxy 1.2 all versions |
FortiProxy 1.1 all versions |
FortiProxy 1.0 all versions |
FortiVoice version 6.4.0 through 6.4.6 |
FortiVoice version 6.0.0 through 6.0.11 |
FortiAnalyzer version 7.0.0 through 7.0.2 |
FortiAnalyzer version 6.4.0 through 6.4.7 |
FortiAnalyzer 6.2 all versions |
FortiAnalyzer 6.0 all versions |
FortiDDoS-F version 6.3.0 |
FortiDDoS-F version 6.2.0 through 6.2.2 |
FortiDDoS-F version 6.1.0 through 6.1.4 |
FortiADC version 6.2.0 through 6.2.2 |
FortiADC version 6.1.0 through 6.1.5 |
FortiADC 6.0 all versions |
FortiADC 5.4 all versions |
FortiADC 5.3 all versions |
FortiADC 5.2 all versions |
FortiADC 5.1 all versions |
FortiADC 5.0 all versions |
FortiDDoS version 5.5.0 through 5.5.1 |
FortiDDoS 5.4 all versions |
FortiDDoS 5.3 all versions |
FortiDDoS 5.2 all versions |
FortiDDoS 5.1 all versions |
FortiDDoS 5.0 all versions |
FortiDDoS 4.7 all versions |
FortiDDoS 4.6 all versions |
FortiDDoS 4.5 all versions |
FortiDDoS 4.4 all versions |
FortiManager version 7.0.0 through 7.0.2 |
FortiManager version 6.4.0 through 6.4.7 |
FortiManager 6.2 all versions |
FortiManager 6.0 all versions |
FortiWeb version 6.4.0 through 6.4.1 |
FortiWeb version 6.3.0 through 6.3.15 |
FortiWeb 6.2 all versions |
FortiWeb 6.1 all versions |
FortiWeb 6.0 all versions |
FortiWeb 5.9 all versions |
FortiWeb 5.8 all versions |
FortiWeb 5.7 all versions |
FortiWeb 5.6 all versions |
FortiWeb 5.5 all versions |
FortiWeb 5.4 all versions |
FortiWeb 5.3 all versions |
FortiRecorder version 6.4.0 through 6.4.2 |
FortiRecorder version 6.0.0 through 6.0.10 |
FortiRecorder 2.7 all versions |
FortiRecorder 2.6 all versions |
FortiSwitch version 7.0.0 through 7.0.2 |
FortiSwitch version 6.4.0 through 6.4.8 |
FortiSwitch 6.2 all versions |
FortiSwitch 6.0 all versions |