FortiManager.fgfmsd.daemon.Use.After.Free

Description

This indicates an attack attempt to exploit a Use After Free vulnerability in FortiManager.
The vulnerability is due to insufficient sanitizing of user-supplied inputs. Successful exploitation may allow a remote, unauthenticated attacker to execute unauthorized code as root by sending a specifically crafted request to the fgfm port of the targeted device.

Affected Products

FortiManager versions 5.6.10 and below.
FortiManager versions 6.0.10 and below.
FortiManager versions 6.2.7 and below.
FortiManager versions 6.4.5 and below.
FortiManager version 7.0.0.
FortiManager versions 5.4.x.
FortiAnalyzer versions 5.6.10 and below.
FortiAnalyzer versions 6.0.10 and below.
FortiAnalyzer versions 6.2.7 and below.
FortiAnalyzer versions 6.4.5 and below.
FortiAnalyzer version 7.0.0.

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://www.fortiguard.com/psirt/FG-IR-21-067

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Status    Detail
2022-09-12  22.389   Modified  Name:FG-VD-50483.0day:FortiManager.fgfmsd.daemon.Use.After.Free
2021-06-28  18.105   Modified  Default_action:pass:drop
2021-06-17  18.100   New