CVE-2023-47534: Buffer Overflow
First published: Tue Mar 12 2024(Updated: )
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets.
Credit: psirt@fortinet.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet Forticlient Endpoint Management Server | >=6.0.0<=6.0.8 | |
| Fortinet Forticlient Endpoint Management Server | >=6.2.0<=6.2.9 | |
| Fortinet Forticlient Endpoint Management Server | >=6.4.0<=6.4.9 | |
| Fortinet Forticlient Endpoint Management Server | >=7.0.0<=7.0.10 | |
| Fortinet Forticlient Endpoint Management Server | >=7.2.0<=7.2.2 |
Remedy
Please upgrade to FortiClientEMS version 7.2.3 or above Please upgrade to FortiClientEMS version 7.0.11 or above
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- agent/remedy
- agent/type
- agent/description
- agent/first-publish-date
- agent/author
- collector/the-register
- source/The Register
- alias/CVE-2024-21407
- alias/CVE-2024-21408
- alias/CVE-2024-21334
- alias/CVE-2024-21400
- alias/CVE-2023-32666
- alias/CVE-2023-32282
- alias/CVE-2024-2193
- alias/CVE-2023-20214
- alias/CVE-2024-20337
- alias/CVE-2024-0039
- alias/CVE-2024-23717
- alias/CVE-2023-42789
- alias/CVE-2023-42790
- alias/CVE-2023-48788
- alias/CVE-2023-47534
- alias/CVE-2023-36554
- alias/CVE-2024-23112
- alias/CVE-2023-46717
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-21762
- alias/CVE-2022-42475
- alias/CVE-2023-27997
- agent/references
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/softwarecombine
- agent/event
- agent/news-ai
- agent/tags
- agent/weakness
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/trending
- vendor/fortinet
- canonical/fortinet forticlient endpoint management server
- version/fortinet forticlient endpoint management server/6.0.0
- version/fortinet forticlient endpoint management server/6.0.8
- version/fortinet forticlient endpoint management server/6.2.0
- version/fortinet forticlient endpoint management server/6.2.9
- version/fortinet forticlient endpoint management server/6.4.0
- version/fortinet forticlient endpoint management server/6.4.9
- version/fortinet forticlient endpoint management server/7.0.0
- version/fortinet forticlient endpoint management server/7.0.10
- version/fortinet forticlient endpoint management server/7.2.0
- version/fortinet forticlient endpoint management server/7.2.2