FortiOS and FortiSwitchManager Vulnerability Let Remote Attackers Execute Arbitrary Code

Posted on By CWS

Fortinet has disclosed a essential heap-based buffer overflow vulnerability (CWE-122) within the cw_acd daemon of FortiOS and FortiSwitchManager.

This flaw allows a distant, unauthenticated attacker to execute arbitrary code or instructions by sending specifically crafted requests over the community.

Organizations counting on Fortinet’s firewalls, safe entry service edge (SASE) options, and change administration instruments face excessive threat, particularly in environments with uncovered material interfaces.

Found internally by Fortinet Product Safety Crew member Gwendal Guégniaud, the vulnerability was revealed on January 13, 2026. Whereas no CVE identifier has been assigned but, Fortinet urges quick patching as a result of threat of full-system compromise with out authentication.

A number of FortiOS branches, FortiSASE releases, and FortiSwitchManager variations are impacted. Directors ought to confirm their deployments and comply with the beneficial improve paths utilizing Fortinet’s improve device.

ProductAffected VersionsSolutionFortiOS 7.67.6.0 by way of 7.6.3Upgrade to 7.6.4 or aboveFortiOS 7.47.4.0 by way of 7.4.8Upgrade to 7.4.9 or aboveFortiOS 7.27.2.0 by way of 7.2.11Upgrade to 7.2.12 or aboveFortiOS 7.07.0.0 by way of 7.0.17Upgrade to 7.0.18 or aboveFortiOS 6.46.4.0 by way of 6.4.16Upgrade to six.4.17 or aboveFortiSASE 25.225.2.bAlready remediated in 25.2.cFortiSASE 25.1.a25.1.a.2Migrate to mounted releaseFortiSASE 24.4–22Not affectedN/AFortiSwitchManager 7.27.2.0 by way of 7.2.6Upgrade to 7.2.7 or aboveFortiSwitchManager 7.07.0.0 by way of 7.0.5Upgrade to 7.0.6 or above

Workarounds

Within the absence of patches, Fortinet recommends two mitigations. First, disable “material” entry on interfaces:

textconfig system interface
edit “port1”
set allowaccess ssh https # Take away ‘material’
subsequent
finish

Second, block CAPWAP-CONTROL visitors (UDP ports 5246-5249) by way of local-in insurance policies, permitting solely trusted sources. Outline customized providers, deal with teams, and insurance policies to allow from authorized IPs whereas denying others.

Fortinet advises prioritizing upgrades, monitoring logs for anomalous cw_acd exercise, and segmenting administration interfaces. This vulnerability underscores the continuing want for vigilant patch administration in enterprise networks.

Comply with us on Google Information, LinkedIn, and X for each day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

GitHub Outage Disrupts Core Services Globally for Users Cyber Security News
Qilin Ransomware Surging Following The Fall of dominant RansomHub RaaS Cyber Security News
New macOS TCC Bypass Vulnerability Allow Attackers to Access Sensitive User Data Cyber Security News
New Spear-Phishing Attack Targeting Financial Executives by Deploying NetBird Malware Cyber Security News
New Sneaky 2FA Phishing Kit with BitB Technique Attacking Users to Steal Microsoft Account Credentials Cyber Security News
Wing FTP Server Vulnerability Actively Exploited Cyber Security News