Intrusion PreventionFortiManager.fgfmsd.daemon.Use.After.Free
Description
This indicates an attack attempt to exploit a Use After Free Vulnerability in FortiManager.
The vulnerability is due to insufficient sanitizing of user supplied inputs. Successful exploitation may allow a remote, non-authenticated attacker to execute unauthorized code as root via sending a specifically crafted request to the fgfm port of the targeted device.
Affected Products
FortiManager versions 5.6.10 and below.
FortiManager versions 6.0.10 and below.
FortiManager versions 6.2.7 and below.
FortiManager versions 6.4.5 and below.
FortiManager version 7.0.0.
FortiManager versions 5.4.x.
FortiAnalyzer versions 5.6.10 and below.
FortiAnalyzer versions 6.0.10 and below.
FortiAnalyzer versions 6.2.7 and below.
FortiAnalyzer versions 6.4.5 and below.
FortiAnalyzer version 7.0.0.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.fortiguard.com/psirt/FG-IR-21-067
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2022-09-12 | 22.389 | Name:FG-VD-50483. 0day:FortiManager. fgfmsd. daemon. Use. After. Free |
| 2021-06-28 | 18.105 | Default_action:pass:drop |
| 2021-06-17 | 18.100 |
| ID | 50483 |
| Created | Jun 10, 2021 |
| Updated | Sep 12, 2022 |
| Risk |
|
| CVE ID | CVE-2021-32589 |
| Default Action | drop |
| Active | |
| Affected OS | Other |
| Affected App | Other |