Buffer overflow in FortiOS and FortiSwitch - CVE-2016-6909
Published: February 16, 2017 / Updated: February 28, 2017
Vulnerability identifier: #VU5838
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2016-6909
CWE-ID: CWE-119
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: Fortinet, Inc
Affected software:
FortiOS
FortiSwitch
FortiOS
FortiSwitch
Detailed vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exist due to a boundary error within cookie parser. A remote attacker can send a specially crafted HTTP request, cause memory corruption and execute arbitrary code on vulnerable system.
Successful exploitation of the vulnerability may allow an attacker to gain unauthorized access to vulnerable system.
Note:the vulnerability was being actively exploited.
How to mitigate CVE-2016-6909
Update FortiGuard to version 4.1.11, 4.2.13, 4.3.9.
Update FortiSwitch to version 3.4.3.
Update FortiSwitch to version 3.4.3.