Stack-based buffer overflows via crafted CLI commands Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-21-206 Final 1 1 2022-07-05T00:00:00 Current version 2022-07-05T00:00:00 2022-07-05T00:00:00 A buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability [CWE-120] in FortiAnalyzer, FortiManager, FortiOS and FortiProxy may allow a privileged attacker to execute arbitrary code or command via crafted CLI execute restore image and execute certificate remote operations with the TFTP protocol. None Execute unauthorized code or commands FortiManager version 5.6.0 through 5.6.11FortiManager version 6.0.0 through 6.0.11FortiManager version 6.2.0 through 6.2.9FortiManager version 6.4.0 through 6.4.7FortiManager version 7.0.0 through 7.0.2FortiAnalyzer version 5.6.0 through 5.6.11FortiAnalyzer version 6.0.0 through 6.0.11FortiAnalyzer version 6.2.0 through 6.2.9FortiAnalyzer version 6.4.0 through 6.4.7FortiAnalyzer version 7.0.0 through 7.0.2FortiOS version 6.0.0 through 6.0.14FortiOS version 6.2.0 through 6.2.10FortiOS version 6.4.0 through 6.4.8FortiOS version 7.0.0 through 7.0.5FortiProxy version 1.0.0 through 1.0.7FortiProxy version 1.1.0 through 1.1.6FortiProxy version 1.2.0 through 1.2.13FortiProxy version 2.0.0 through 2.0.8FortiProxy version 7.0.0 through 7.0.3 Upgrade to FortiManager version 7.0.3 or aboveUpgrade to FortiManager version 6.4.8 or aboveUpgrade to FortiAnalyzer version 7.0.3 or aboveUpgrade to FortiAnalyzer version 6.4.8 or aboveUpgrade to FortiOS version 7.2.0 or aboveUpgrade to FortiOS version 7.0.6 or aboveUpgrade to FortiProxy version 7.0.4 or aboveUpgrade to FortiProxy version 2.0.9 or above Internally discovered and reported by Mattia Fecit and Théo Leleu of Fortinet Product Security Team. CVE-2021-43072 6.3 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-21-206 Stack-based buffer overflows via crafted CLI commands Reference>