How severe is CVE-2021-44168?

CVE-2021-44168 has a CVSS v3 score of 3.3 (LOW).

CVE-2021-44168

Name: fortios
Author: fortinet

3.3LOW

A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the de

公開日: 1/4/2022更新日: 10/24/2025

CISA既知の悪用された脆弱性

Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files.

必要な対応:

Apply updates per vendor instructions.

期限:

2021-12-24

説明

A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

AI分析AIによる分析

影響を受ける製品

fortinetfortios

参照

https://fortiguard.com/psirt/FG-IR-21-201
Vendor Advisory
https://fortiguard.com/psirt/FG-IR-21-201
Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2021-44168
US Government Resource