A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2018-05-24T20:00:00Z
Updated: 2024-09-17T02:31:22.203Z
Reserved: 2017-09-07T00:00:00
Link: CVE-2017-14187
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-05-24T20:29:00.210
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-14187
Redhat
No data.