CVE-2024-46669

CVSSv4: NA | CVSSv3: 6.5 | CVSSv2: NA | VMScore: 750 | EPSS: 0.00214 | KEV: Not Included
Published: 14/01/2025 Updated: 31/01/2025

Vulnerability Summary

Integer Overflow Vulnerability Leads to Denial of Service in FortiOS

FortiSASE version 23.4.b and FortiOS versions 7.4.4 and below and 7.2.10 and below contain an Integer Overflow or Wraparound vulnerability [CWE-190]. An authenticated attacker can crash the IPsec tunnel using crafted requests. This could cause a denial of service in the IPsec IKE service.

Solution

Please upgrade to FortiOS version 7.6.1 or above
Please upgrade to FortiOS version 7.4.5 or above
Please upgrade to FortiSASE version 24.4.a or above

Vulnerable Product

fortinet fortios 7.4.4

fortinet fortios 7.4.3

fortinet fortios 7.4.2

fortinet fortios 7.4.1

fortinet fortios 7.4.0

fortinet fortios 7.2.10

fortinet fortios 7.2.9

fortinet fortios 7.2.8

fortinet fortios 7.2.7

fortinet fortios 7.2.6

fortinet fortios 7.2.5

fortinet fortios 7.2.4

fortinet fortios 7.2.3

fortinet fortios 7.2.2

fortinet fortios 7.2.1

fortinet fortios 7.2.0

fortinet fortios