← Back

CVE-2024-46670

nvd nist
Published: Jan 14, 2025Modified: Jan 31, 2025

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

An Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.

Affected (3)

Products: Fortinet: Fortios
Fortinet
1 product
Fortios
Configuration A
3 vulnerable
Vulnerable SoftwareAffected Versions
Fortinet
Fortios
From 7.2.0 to 7.2.10
Fortios
From 7.4.0 to 7.4.5
Fortios
Version 7.6.0

Related CWEs

CWE-125
Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.

References (1)

Source: psirt@fortinet.com
Vendor Advisory

Timeline

No history available yet.