There are two ways to exploit this vulnerability: - Via diagnostic CLI commands (e.g. os command) - Via CLI command injection Reportedly, attacker can exploit this vulnerability remotely via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 6.0.15. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 6.2.11. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 6.4.9. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 7.0.4. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 7.0.5. Reportedly, attacker can exploit this vulnerability via SSH, tel

Vulnerability details CVE-2021-44171:

There are two ways to exploit this vulnerability: - Via diagnostic CLI commands (e.g. os command) - Via CLI command injection

You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 7.0.5. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 7.0.4. Reportedly, attacker can exploit this vulnerability via SSH, telnet, SNMP, etc. You can protect your FortiSwitches from this attack by upgrading to the latest software version. Patch applied to Fortinet FortiOS version 7.0.3

Timeline

Published on: 10/10/2022 14:15:00 UTC
Last modified on: 10/12/2022 18:45:00 UTC

References