Fortinet has disclosed a critical heap-based buffer overflow vulnerability (CWE-122) in the cw_acd daemon of FortiOS and FortiSwitchManager.

This flaw enables a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted requests over the network.

news

Fortinet has disclosed a critical heap-based buffer overflow vulnerability (CWE-122) in the cw_acd daemon of FortiOS and FortiSwitchManager.

This flaw enables a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted requests over the network.