CVE-2021-44168

Low CVSS 3.3

Overview

A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

CWE: CWE-494 Published: 2022-01-04T13:15:07.957

Risk analysis

This vulnerability is rated 🟢 LOW.

CVSS: 3.3 (LOW)
Detected tags: none (tag impact: LOW)

Recommended actions:

Prioritize remediation based on business criticality and exposure.
Limit exposure and increase monitoring until fixed.

Overview

Recommended tools

Tags