CVE-2023-28002 in FortiOSinfo

Zusammenfassung

von MITRE • 14.11.2023

An improper validation of integrity check value vulnerability [CWE-354] in FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.12, 6.4 all versions, 6.2 all versions, 6.0 all versions and FortiProxy 7.2 all versions, 7.0 all versions, 2.0 all versions VMs may allow a local attacker with admin privileges to boot a malicious image on the device and bypass the filesystem integrity check in place.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Fortinet, Inc.

Reservieren

09.03.2023

Veröffentlichung

14.11.2023

Moderieren

akzeptiert

Eintrag

VDB-245185

CPE

bereit

CWE

CWE-354 (bestätigt)

CVSS

6.7 (NVD)

EPSS

0.00006

KEV

nein

Aktivitäten

very low

Sektor

Police, Insurance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2023-28002
NVD	https://nvd.nist.gov/vuln/detail/CVE-2023-28002
CVE Details	https://www.cvedetails.com/cve/CVE-2023-28002/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!