Buffer overflow in fgfmd

June 11, 2024, 7 a.m. |

FortiGuard Labs | FortiGuard Center - IR Advisories fortiguard.fortinet.com

A stack-based overflow vulnerability [CWE-124] in FortiOS, FortiProxy, FortiPAM and FortiSwitchManager may allow a remote attacker to execute arbitrary code or command via crafted packets reaching the fgfmd daemon, under certain conditions which are outside the control of the attacker.

arbitrary code attacker buffer buffer overflow code command conditions control cwe daemon fortios fortiproxy fortiswitchmanager may overflow packets stack under vulnerability

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

FortiOS/FortiProxy - XSS in reboot page 2 weeks, 1 day ago | fortiguard.fortinet.com

access admin attacker code +18

Stack buffer overflow on bluetooth write feature 2 weeks, 1 day ago | fortiguard.fortinet.com

arbitrary code arbitrary code execution attacker bluetooth +14

Blind SQL Injection 2 weeks, 1 day ago | fortiguard.fortinet.com

blind command cwe download +8

Buffer overflow in fgfmd 2 weeks, 1 day ago | fortiguard.fortinet.com

arbitrary code attacker buffer buffer overflow +15

FortiSOAR is vulnerable to sql injection in Event Auth API via uuid parameter 2 weeks, 1 day ago | fortiguard.fortinet.com

api attacker auth code +14

Multiple buffer overflows in diag npu command 2 weeks, 1 day ago | fortiguard.fortinet.com

attacker buffer buffer overflow buffer overflows +14

TunnelVision - CVE-2024-3661 2 weeks, 1 day ago | fortiguard.fortinet.com

attack attacker aware bypass +18

Weak key derivation for backup file 2 weeks, 1 day ago | fortiguard.fortinet.com

access admin attacker backup +14

Buffer overflow in administrative interface 1 month, 1 week ago | fortiguard.fortinet.com

arbitrary code attacker buffer buffer overflow +13

Information Technology Specialist I: Windows Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, California

View on infosec-jobs.com

Information Technology Specialist I, LACERA: Information Security Engineer

@ Los Angeles County Employees Retirement Association (LACERA) | Pasadena, CA

View on infosec-jobs.com

Vice President, Controls Design & Development-7

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com

Vice President, Controls Design & Development-5

@ State Street | Quincy, Massachusetts

View on infosec-jobs.com

Data Scientist & AI Prompt Engineer

@ Varonis | Israel

View on infosec-jobs.com

Contractor

@ Birlasoft | INDIA - MUMBAI - BIRLASOFT OFFICE, IN

View on infosec-jobs.com

all InfoSec news

Buffer overflow in fgfmd

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - IR Advisories

Jobs in InfoSec / Cybersecurity

Information Technology Specialist I: Windows Engineer

Information Technology Specialist I, LACERA: Information Security Engineer

Vice President, Controls Design & Development-7

Vice President, Controls Design & Development-5

Data Scientist & AI Prompt Engineer

Contractor