Overview
- Description
- A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 6.2
- Impact score
- 5.9
- Exploitability score
- 0.3
- Vector string
- CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Weaknesses
- nvd@nist.gov
- CWE-269
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3085A41F-2305-46D3-AE10-6D256B6E1F95",
"versionEndIncluding": "5.2.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DCDB1D22-D470-4AA4-AFB9-1A3D28E69C2A",
"versionEndIncluding": "5.4.8",
"versionStartIncluding": "5.4.0"
},
{
"criteria": "cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C44E69B8-A1E8-437B-ADA3-10DE256B3368",
"versionEndIncluding": "5.6.2",
"versionStartIncluding": "5.6.0"
}
],
"operator": "OR"
}
]
}
]