A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
History

Fri, 20 Dec 2024 18:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 19 Dec 2024 07:45:00 +0000

Type Values Removed Values Added
Description A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
First Time appeared Fortinet
Fortinet fortios
Weaknesses CWE-122
CPEs cpe:2.3:o:fortinet:fortios:5.6.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.11:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.12:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:5.6.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.10:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.5:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.6:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.7:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.8:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.0.9:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.1:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.2:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.3:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.2.4:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:6.4.1:*:*:*:*:*:*:*
Vendors & Products Fortinet
Fortinet fortios
References
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L/E:U/RL:X/RC:X'}


cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-12-19T07:40:58.144Z

Updated: 2024-12-20T17:41:24.593Z

Reserved: 2020-05-12T00:00:00.000Z

Link: CVE-2020-12819

cve-icon Vulnrichment

Updated: 2024-12-20T16:46:00.900Z

cve-icon NVD

Status : Received

Published: 2024-12-19T08:15:11.770

Modified: 2024-12-19T08:15:11.770

Link: CVE-2020-12819

cve-icon Redhat

No data.