← back
CVE-2017-14187

CVE-2017-14187

EPSS 0.5%
A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.
Affected products
Fortinet, Inc. · FortiOS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-17-245http://www.securityfocus.com/bid/104312http://www.securitytracker.com/id/1040983