FortiOS - Privilege escalation via switch-control CLI command

Summary

An improper neutralization of special elements used in an OS command [CWE-78] vulnerability in FortiOS may allow an authenticated attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands.

Affected Products

FortiOS version 6.0.0 through 6.0.14
FortiOS version 6.2.0 through 6.2.10
FortiOS version 6.4.0 through 6.4.8
FortiOS version 7.0.0 through 7.0.3

Solutions

Upgrade to FortiOS version 7.0.7 or above
Upgrade to FortiOS version 6.4.9 or above
Upgrade to FortiOS version 6.2.11 or above
Upgrade to FortiOS version 6.0.15 or above

Acknowledgement

Internally discovered and reported by the FortiOS GUI development team.