CVE-2023-40721
A use of externally-controlled format string vulnerability [CWE-134] vulnerability in Fortinet allows a privileged attacker to execute arbitrary code or commands via specially crafted requests.
| Software | From | Fixed in |
|---|---|---|
| fortinet / fortios | 7.4.0 | 7.4.0.x |
| fortinet / fortios | 7.2.0 | 7.2.7 |
| fortinet / fortios | 6.2.0 | 7.0.14 |
| fortinet / fortiswitchmanager | 7.2.0 | 7.2.3 |
| fortinet / fortiswitchmanager | 7.0.0 | 7.0.3 |
| fortinet / fortiproxy | 7.4.0 | 7.4.0.x |
| fortinet / fortiproxy | 7.2.0 | 7.2.8 |
| fortinet / fortiproxy | 1.2.0 | 7.0.15 |
| fortinet / fortipam | 1.0.0 | 1.2.0 |
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime