| No. | Title | CVE ID | Severity | Model |
| 1 | fgfmsd에서 인증이 누락되었습니다 | CVE-2024-47575 | Critical | FortiManager |
| 2 | CLI의 TFTP 클라이언트 라이브러리의 버퍼 오버플로 | CVE-2021-42757 | Medium | 아래 참조 |
| 3 | 펌웨어 검증의 버퍼 언더라이트 | CVE-2021-24018 | Medium | 아래 참조 |
1. fgfmsd에서 인증이 누락되었습니다(https://fortiguard.fortinet.com/psirt/FG-IR-24-423)
FortiManager fgfmd 데몬의 중요 기능에 대한 인증이 누락된 취약점[CWE-306]으로 인해 원격의 인증되지 않은 공격자가 특별히 제작된 요청을 통해 임의의 코드나 명령을 실행할 수 있습니다.
보고에 따르면 이러한 취약점이 실제로 악용되고 있는 것으로 나타났습니다.
| Version | Affected | Solution |
| FortiManager 7.6 | 7.6.0 | Upgrade to 7.6.1 or above |
| FortiManager 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above |
| FortiManager 7.2 | 7.2.0 through 7.2.7 | Upgrade to 7.2.8 or above |
| FortiManager 7.0 | 7.0.0 through 7.0.12 | Upgrade to 7.0.13 or above |
| FortiManager 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiManager 6.2 | 6.2.0 through 6.2.12 | Upgrade to 6.2.13 or above |
| FortiManager Cloud 7.6 | Not affected | Not Applicable |
| FortiManager Cloud 7.4 | 7.4.1 through 7.4.4 | Upgrade to 7.4.5 or above |
| FortiManager Cloud 7.2 | 7.2.1 through 7.2.7 | Upgrade to 7.2.8 or above |
| FortiManager Cloud 7.0 | 7.0.1 through 7.0.12 | Upgrade to 7.0.13 or above |
| FortiManager Cloud 6.4 | 6.4 all versions | Migrate to a fixed release |
2. CLI의 TFTP 클라이언트 라이브러리의 버퍼 오버플로(https://fortiguard.fortinet.com/psirt/FG-IR-21-173)
FortiOS의 TFTP 클라이언트 라이브러리에 있는 버퍼 오버플로[CWE-121]로 인해 인증된 로컬 공격자가 특별히 제작된 명령줄 인수를 통해 임의의 코드를 실행할 수 있습니다.
| Version | Affected | Solution |
| FortiADC 7.0 | Not affected | Not Applicable |
| FortiADC 6.2 | 6.2.0 through 6.2.2 | Upgrade to 6.2.3 or above |
| FortiADC 6.1 | 6.1.0 through 6.1.5 | Upgrade to 6.1.6 or above |
| FortiADC 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiADC 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiADC 5.3 | 5.3 all versions | Migrate to a fixed release |
| FortiADC 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiADC 5.1 | 5.1 all versions | Migrate to a fixed release |
| FortiADC 5.0 | 5.0 all versions | Migrate to a fixed release |
| FortiAnalyzer 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
| FortiAnalyzer 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
| FortiAnalyzer 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiAnalyzer 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiDDoS 5.6 | Not affected | Not Applicable |
| FortiDDoS 5.5 | 5.5.0 through 5.5.1 | Upgrade to 5.5.2 or above |
| FortiDDoS 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiDDoS 5.3 | 5.3 all versions | Migrate to a fixed release |
| FortiDDoS 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiDDoS 5.1 | 5.1 all versions | Migrate to a fixed release |
| FortiDDoS 5.0 | 5.0 all versions | Migrate to a fixed release |
| FortiDDoS 4.7 | 4.7 all versions | Migrate to a fixed release |
| FortiDDoS 4.6 | 4.6 all versions | Migrate to a fixed release |
| FortiDDoS 4.5 | 4.5 all versions | Migrate to a fixed release |
| FortiDDoS 4.4 | 4.4 all versions | Migrate to a fixed release |
| FortiDDoS-F 6.4 | 6.4.0 through 6.4.1 | Upgrade to 6.4.2 or above |
| FortiDDoS-F 6.3 | 6.3.0 | Upgrade to 6.3.1 or above |
| FortiDDoS-F 6.2 | 6.2.0 through 6.2.2 | Upgrade to 6.2.3 or above |
| FortiDDoS-F 6.1 | 6.1.0 through 6.1.4 | Upgrade to 6.1.5 or above |
| FortiMail 7.2 | Not affected | Not Applicable |
| FortiMail 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
| FortiMail 6.4 | 6.4.0 through 6.4.6 | Upgrade to 6.4.7 or above |
| FortiMail 6.2 | 6.2.0 through 6.2.7 | Migrate to a fixed release |
| FortiMail 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiMail 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiManager 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
| FortiManager 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
| FortiManager 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiManager 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiNDR 7.0 | Not affected | Not Applicable |
| FortiNDR 1.5 | 1.5.0 through 1.5.2 | Migrate to a fixed release |
| FortiNDR 1.4 | 1.4 all versions | Migrate to a fixed release |
| FortiNDR 1.3 | 1.3 all versions | Migrate to a fixed release |
| FortiNDR 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiNDR 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiOS 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
| FortiOS 6.4 | 6.4.0 through 6.4.7 | Upgrade to 6.4.8 or above |
| FortiOS 6.2 | 6.2.0 through 6.2.9 | Upgrade to 6.2.10 or above |
| FortiOS 6.0 | 6.0.0 through 6.0.13 | Upgrade to 6.0.14 or above |
| FortiOS 5.6 | 5.6 all versions | Migrate to a fixed release |
| FortiOS 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiOS 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiOS 5.0 | 5.0 all versions | Migrate to a fixed release |
| FortiOS-6K7K 6.4 | 6.4.6 | Upgrade to 6.4.8 or above |
| FortiOS-6K7K 6.4 | 6.4.2 | Upgrade to 6.4.8 or above |
| FortiOS-6K7K 6.2 | 6.2.6 through 6.2.7 | Upgrade to 6.2.9 or above |
| FortiOS-6K7K 6.2 | 6.2.4 | Upgrade to 6.2.9 or above |
| FortiOS-6K7K 6.0 | 6.0.12 through 6.0.17 | Migrate to a fixed release |
| FortiOS-6K7K 6.0 | 6.0.10 | Migrate to a fixed release |
| FortiPortal 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
| FortiPortal 5.3 | 5.3 all versions | Migrate to a fixed release |
| FortiPortal 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiPortal 5.1 | 5.1 all versions | Migrate to a fixed release |
| FortiPortal 5.0 | 5.0 all versions | Migrate to a fixed release |
| FortiProxy 7.0 | 7.0.0 through 7.0.1 | Upgrade to 7.0.2 or above |
| FortiProxy 2.0 | 2.0.0 through 2.0.7 | Upgrade to 2.0.8 or above |
| FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
| FortiRecorder 7.0 | Not affected | Not Applicable |
| FortiRecorder 6.4 | 6.4.0 through 6.4.2 | Upgrade to 6.4.3 or above |
| FortiRecorder 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
| FortiRecorder 2.7 | 2.7.0 through 2.7.7 | Upgrade to 2.7.8 or above |
| FortiRecorder 2.6 | 2.6 all versions | Migrate to a fixed release |
| FortiSwitch 7.2 | Not affected | Not Applicable |
| FortiSwitch 7.0 | 7.0.0 through 7.0.3 | Upgrade to 7.0.4 or above |
| FortiSwitch 6.4 | 6.4.0 through 6.4.9 | Upgrade to 6.4.10 or above |
| FortiSwitch 6.2 | 6.2.0 through 6.2.7 | Migrate to a fixed release |
| FortiSwitch 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiVoice 6.4 | 6.4.0 through 6.4.4 | Upgrade to 6.4.5 or above |
| FortiVoice 6.0 | 6.0.0 through 6.0.10 | Upgrade to 6.0.11 or above |
| FortiWeb 7.0 | Not affected | Not Applicable |
| FortiWeb 6.4 | 6.4.0 through 6.4.1 | Upgrade to 6.4.2 or above |
| FortiWeb 6.3 | 6.3.0 through 6.3.16 | Upgrade to 6.3.17 or above |
| FortiWeb 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiWeb 6.1 | 6.1 all versions | Migrate to a fixed release |
| FortiWeb 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiWeb 5.9 | 5.9 all versions | Migrate to a fixed release |
| FortiWeb 5.8 | 5.8 all versions | Migrate to a fixed release |
| FortiWeb 5.7 | 5.7 all versions | Migrate to a fixed release |
| FortiWeb 5.6 | 5.6 all versions | Migrate to a fixed release |
| FortiWeb 5.5 | 5.5 all versions | Migrate to a fixed release |
| FortiWeb 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiWeb 5.3 | 5.3 all versions | Migrate to a fixed release |
| FortiWeb 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiWeb 5.1 | 5.1 all versions | Migrate to a fixed release |
| FortiWeb 5.0 | 5.0 all versions | Migrate to a fixed release |
3.펌웨어 검증의 버퍼 언더라이트(https://fortiguard.fortinet.com/psirt/FG-IR-21-046)
FortiWeb, FortiOS, FortiSwitch, FortiADC, FortiAI, FortiManager, FortiAnalyzer, FortiProxy의 펌웨어 검증 루틴에 있는 버퍼 언더라이트(CWE-124) 취약성으로 인해 인접 네트워크에 있는 공격자가 특별히 제작된 펌웨어 이미지를 통해 임의의 코드를 실행할 가능성이 있습니다.
| Affected Products |
| FortiOS version 7.0.0 |
| FortiOS version 6.4.0 through 6.4.6 |
| FortiOS version 6.2.0 through 6.2.9 |
| FortiOS version 6.0.0 through 6.0.13 |
| FortiOS 5.6 all versions |
| FortiOS 5.4 all versions |
| FortiOS 5.2 all versions |
| FortiOS 5.0 all versions |
| At least |
| FortiNDR 1.5 all versions |
| FortiNDR 1.4 all versions |
| FortiNDR 1.3 all versions |
| FortiNDR 1.2 all versions |
| FortiNDR 1.1 all versions |
| FortiProxy version 7.0.0 |
| FortiProxy 2.0 all versions |
| FortiProxy 1.2 all versions |
| FortiProxy 1.1 all versions |
| FortiProxy 1.0 all versions |
| At least |
| FortiVoice version 6.4.0 through 6.4.6 |
| FortiVoice version 6.0.0 through 6.0.11 |
| At least |
| FortiAnalyzer version 7.0.0 through 7.0.2 |
| FortiAnalyzer version 6.4.0 through 6.4.7 |
| FortiAnalyzer 6.2 all versions |
| FortiAnalyzer 6.0 all versions |
| FortiDDoS-F version 6.3.0 |
| FortiDDoS-F version 6.2.0 through 6.2.2 |
| FortiDDoS-F version 6.1.0 through 6.1.4 |
| At least |
| FortiADC version 6.2.0 through 6.2.2 |
| FortiADC version 6.1.0 through 6.1.5 |
| FortiADC 6.0 all versions |
| FortiADC 5.4 all versions |
| FortiADC 5.3 all versions |
| FortiADC 5.2 all versions |
| FortiADC 5.1 all versions |
| FortiADC 5.0 all versions |
| At least |
| FortiDDoS version 5.5.0 through 5.5.1 |
| FortiDDoS 5.4 all versions |
| FortiDDoS 5.3 all versions |
| FortiDDoS 5.2 all versions |
| FortiDDoS 5.1 all versions |
| FortiDDoS 5.0 all versions |
| FortiDDoS 4.7 all versions |
| FortiDDoS 4.6 all versions |
| FortiDDoS 4.5 all versions |
| FortiDDoS 4.4 all versions |
| At least |
| FortiManager version 7.0.0 through 7.0.2 |
| FortiManager version 6.4.0 through 6.4.7 |
| FortiManager 6.2 all versions |
| FortiManager 6.0 all versions |
| FortiWeb version 6.4.0 through 6.4.1 |
| FortiWeb version 6.3.0 through 6.3.15 |
| FortiWeb 6.2 all versions |
| FortiWeb 6.1 all versions |
| FortiWeb 6.0 all versions |
| FortiWeb 5.9 all versions |
| FortiWeb 5.8 all versions |
| FortiWeb 5.7 all versions |
| FortiWeb 5.6 all versions |
| FortiWeb 5.5 all versions |
| FortiWeb 5.4 all versions |
| FortiWeb 5.3 all versions |
| At least |
| FortiRecorder version 6.4.0 through 6.4.2 |
| FortiRecorder version 6.0.0 through 6.0.10 |
| FortiRecorder 2.7 all versions |
| FortiRecorder 2.6 all versions |
| At least |
| FortiSwitch version 7.0.0 through 7.0.2 |
| FortiSwitch version 6.4.0 through 6.4.8 |
| FortiSwitch 6.2 all versions |
| FortiSwitch 6.0 all versions |