FortiOS/FortiProxy – Proxy mode with deep inspection – Stack-based buffer overflow


A stack-based overflow vulnerability [CWE-124] in FortiOS and FortiProxy may allow a remote attacker to execute arbitrary code or commands via crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.

Workaround: Disable deep inspection on proxy policies or firewall policies with proxy mode.
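
One way to find the policies the workaround applies to, as an added example that is not part of the advisory or any Fortinet tooling: it scans a FortiOS configuration backup for firewall policies with `set inspection-mode proxy`, and for any `config firewall proxy-policy` entry, whose `ssl-ssh-profile` performs deep inspection. The sample configuration, profile name and policy IDs are constructed, and treating a profile as deep-inspecting when its definition contains a `deep-inspection` value is an assumption of this example.

```python
# Constructed FortiOS-style backup excerpt; profile name and policy IDs are hypothetical.
SAMPLE = """
config firewall ssl-ssh-profile
    edit "custom-deep"
        config https
            set status deep-inspection
        end
    next
end
config firewall policy
    edit 1
        set inspection-mode proxy
        set ssl-ssh-profile "custom-deep"
    next
    edit 3
        set ssl-ssh-profile "custom-deep"
    next
end
"""

def parse(text):
    # top-level section -> entry id -> 'set' lines, including those in nested config blocks
    tables, depth, section, entry = {}, 0, None, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("config "):
            depth += 1
            if depth == 1:
                section, entry = line[7:], None
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            entry = line[5:].strip('"')
            tables.setdefault(section, {})[entry] = []
        elif entry is not None and line.startswith("set "):
            tables[section][entry].append(line[4:])
    return tables

def affected_policies(text):
    # Proxy-mode policies (and all proxy-policy entries) that reference a deep-inspecting profile.
    t = parse(text)
    deep = {n for n, sets in t.get("firewall ssl-ssh-profile", {}).items()
            if any(s.endswith(" deep-inspection") for s in sets)}
    hits = []
    for section in ("firewall policy", "firewall proxy-policy"):
        for pid, sets in t.get(section, {}).items():
            kv = dict(s.split(" ", 1) for s in sets if " " in s)
            proxy = section.endswith("proxy-policy") or kv.get("inspection-mode") == "proxy"
            if proxy and kv.get("ssl-ssh-profile", "").strip('"') in deep:
                hits.append((section, pid))
    return hits
```

In a multi-VDOM backup these sections are nested under each VDOM, so run it on each VDOM's portion of the configuration separately.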

Source: FortiGuard Labs/Fortinet