Vulnerability Database

290,020

Total vulnerabilities in the database

CVE-2017-14187

A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command.

  • Published: May 24, 2018
  • Updated: Apr 13, 2023
  • CVE: CVE-2017-14187
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 6.2
  • AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
fortinet / fortios 5.6.0 5.6.2.x
fortinet / fortios - 5.2.0.x
fortinet / fortios 5.4.0 5.4.8.x