FG-IR-24-160: Stack buffer overflow in fabric service
First published: Tue Feb 11 2025(Updated: )
A stack-based buffer overflow [CWE-121] vulnerability in FortiOS CAPWAP control may allow a remote unauthenticated attacker to execute arbitrary code or commands via crafted UDP packets, provided the attacker were able to evade FortiOS stack protections and provided the fabric service is running on the exposed interface.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiOS IPS Engine | >=7.4.0<=7.4.4 | |
| Fortinet FortiOS IPS Engine | >=7.2.4<=7.2.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of FG-IR-24-160?
The severity of FG-IR-24-160 is considered high due to its potential for remote code execution.
How do I fix FG-IR-24-160?
To fix FG-IR-24-160, upgrade FortiOS to version 7.4.5 or 7.2.9 or later.
What systems are affected by FG-IR-24-160?
FG-IR-24-160 affects FortiOS versions from 7.4.0 to 7.4.4 and from 7.2.4 to 7.2.8.
Can FG-IR-24-160 be exploited without authentication?
Yes, FG-IR-24-160 can be exploited by remote unauthenticated attackers.
What type of vulnerability is FG-IR-24-160?
FG-IR-24-160 is classified as a stack-based buffer overflow vulnerability.
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2024-35279
- agent/last-modified-date
- agent/source
- agent/type
- agent/first-publish-date
- agent/event
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/description
- agent/tags
- collector/fortiguard-psirt
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/fortinet
- canonical/fortinet fortios ips engine
- version/fortinet fortios ips engine/7.4.0
- version/fortinet fortios ips engine/7.4.4
- version/fortinet fortios ips engine/7.2.4
- version/fortinet fortios ips engine/7.2.8