vendor announcement
Fortinet Patches Multiple Vulnerabilities Including Code Execution in FortiOSCVE-2024-23110
Fortinet released patches for multiple vulnerabilities in FortiOS and other products, including a high-severity stack-based buffer overflow (CVE-2024-23110) that could allow authenticated attackers to execute unauthorized code via crafted CLI arguments. Additional medium-severity flaws could lead to remote code execution, JavaScript injection, or backup decryption. No active exploitation was reported, but Fortinet products have been targeted in the past.