Integer Overflow/Wraparound Vulnerability in FortiSwitch, FortiRecorder, FortiOS, FortiProxy, and FortiVoiceEnterprise

Integer Overflow/Wraparound Vulnerability in FortiSwitch, FortiRecorder, FortiOS, FortiProxy, and FortiVoiceEnterprise

CVE-2021-42755 · MEDIUM Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

An integer overflow / wraparound vulnerability [CWE-190] in FortiSwitch 7.0.2 and below, 6.4.9 and below, 6.2.x, 6.0.x; FortiRecorder 6.4.2 and below, 6.0.10 and below; FortiOS 7.0.2 and below, 6.4.8 and below, 6.2.10 and below, 6.0.x; FortiProxy 7.0.0, 2.0.6 and below, 1.2.x, 1.1.x, 1.0.x; FortiVoiceEnterprise 6.4.3 and below, 6.0.10 and below dhcpd daemon may allow an unauthenticated and network adjacent attacker to crash the dhcpd deamon, resulting in potential denial of service.

Learn more about our Cis Benchmark Audit For Apple Ios.