CVE-2021-36169

Description

A Hidden Functionality in Fortinet FortiOS 7.x before 7.0.1, FortiOS 6.4.x before 6.4.7 allows attacker to Execute unauthorized code or commands via specific hex read/write operations.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

High

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

Low

Availability

Low

Physical

Changed

Affected products

fortinet / Fortinet FortiOSFortiOS 7.0.0, 6.4.6, 6.2.9 – FortiOS 7.0.0, 6.4.6, 6.2.9

References

MISChttps://fortiguard.com/advisory/FG-IR-21-091