Back to search
CVE-2017-14187
Published: May 24, 2018
Modified: Oct 25, 2024
PUBLISHED
Description
A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.
| Vendor | Product | Versions |
|---|---|---|
Fortinet, Inc. | FortiOS | affected 5.6.0 to 5.6.2affected 5.4.0 to 5.4.8affected 5.2 and below versions |
References
1040983
vdb-entry
x_refsource_SECTRACK
104312
vdb-entry
x_refsource_BID
https://fortiguard.com/advisory/FG-IR-17-245
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now