
CVE-2024-35279

CVSSv4: NA | CVSSv3: 8.1 | CVSSv2: NA | VMScore: 910 | EPSS: 0.00126 | KEV: Not Included
Published: 11/02/2025 Updated: 11/02/2025

Vulnerability Summary

Stack-Based Buffer Overflow in Fortinet FortiOS Enables Remote Code Execution

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.4 up to and including 7.2.8 and version 7.4.0 up to and including 7.4.4 allows a remote unauthenticated malicious user to execute arbitrary code or commands via crafted UDP packets through the CAPWAP control, provided the attacker is able to evade FortiOS stack protections and the fabric service is running on the exposed interface.

Solution

Please upgrade to FortiAuthenticator version 7.0.0 or above
Please upgrade to FortiOS version 7.6.0 or above
Please upgrade to FortiOS version 7.4.5 or above
Please upgrade to FortiOS version 7.2.9 or above

Vulnerable Product

fortinet fortios 7.4.4

fortinet fortios 7.4.3

fortinet fortios 7.4.2

fortinet fortios 7.4.1

fortinet fortios 7.4.0

fortinet fortios 7.2.8

fortinet fortios 7.2.7

fortinet fortios 7.2.6

fortinet fortios 7.2.5

fortinet fortios 7.2.4

fortinet fortios