GHSA-8vr7-33jp-gfgw
GitHub Security Advisory
⚠ Unreviewed
MODERATE
Has CVE
Advisory Details
A heap-based buffer overflow vulnerability in the processing of Link Control Protocol messages in FortiGate versions 5.6.12, 6.0.10, 6.2.4 and 6.4.1 and earlier may allow a remote attacker with valid SSL VPN credentials to crash the SSL VPN daemon by sending a large LCP packet, when tunnel mode is enabled. Arbitrary code execution may be theoretically possible, albeit practically very difficult to achieve in this context
Related CVEs
Key Information
5.0
/10
Dataset
Last updated: June 18, 2025 6:25 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.