8.8
CVE-2021-36173
- EPSS 0.4%
- Published 08.12.2021 19:15:09
- Last modified 21.11.2024 06:13:15
- Source psirt@fortinet.com
- Teams watchlist Login
- Open Login
A heap-based buffer overflow in the firmware signature verification function of FortiOS versions 7.0.1, 7.0.0, 6.4.0 through 6.4.6, 6.2.0 through 6.2.9, and 6.0.0 through 6.0.13 may allow an attacker to execute arbitrary code via specially crafted installation images.
Data is provided by the National Vulnerability Database (NVD)
Fortinet ≫ Fortios Version >= 6.0.0 <= 6.0.13
Fortinet ≫ Fortigate-1100e Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortios Version >= 6.2.0 <= 6.2.9
Fortinet ≫ Fortigate-1100e Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortios Version >= 6.4.0 <= 6.4.6
Fortinet ≫ Fortigate-1100e Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortios Version7.0.0
Fortinet ≫ Fortigate-1100e Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortios Version7.0.1
Fortinet ≫ Fortigate-1100e Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Fortinet ≫ Fortigate-200f Version-
Fortinet ≫ Fortigate-2600f Version-
Fortinet ≫ Fortigate-3500f Version-
Fortinet ≫ Fortigate-400e Version-
Fortinet ≫ Fortigate-600e Version-
Fortinet ≫ Fortigate 1800f Version-
Fortinet ≫ Fortigate 2200e Version-
Fortinet ≫ Fortigate 3300e Version-
Fortinet ≫ Fortigate 3600e Version-
Fortinet ≫ Fortigate 40f Version-
Fortinet ≫ Fortigate 60f Version-
Fortinet ≫ Fortigate 7121f Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.4% | 0.602 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.8 | 2.8 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 6.8 | 8.6 | 6.4 |
AV:N/AC:M/Au:N/C:P/I:P/A:P
|
| psirt@fortinet.com | 8 | 2.1 | 5.9 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
CWE-787 Out-of-bounds Write
The product writes data past the end, or before the beginning, of the intended buffer.