cbcvebase.
CVE-2021-44168
published 2022-01-04

CVE-2021-44168: A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated…

PriorityP181high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
KEVITWEXPLOITInitial access
CISA Known Exploited Vulnerabilitydue 2021-12-24
Exploited in the wild
EPSS
0.87%
54.3th percentile
A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages.

Affected

6 ranges
VendorProductVersion rangeFixed in
fortinetfortinet_fortios
fortinetfortios< 6.0.146.0.14
fortinetfortios
fortinetfortios>= 6.2.0 < 6.2.106.2.10
fortinetfortios>= 6.4.0 < 6.4.86.4.8
fortinetfortios>= 7.0.0 < 7.0.37.0.3

Detection & IOCsextracted from sources · hover to see the quote

commandexecute restore src-vis
  • Monitor for use of the 'execute restore src-vis' CLI command on FortiOS devices, particularly when invoked by local authenticated users, as it can be abused to download arbitrary files via specially crafted update packages.
  • Inspect update packages supplied to the 'execute restore src-vis' command for unexpected or unauthorized content, as the command performs no integrity checking on downloaded code.
  • ·Vulnerability only affects FortiOS versions before 7.0.3; devices running 7.0.3 or later are not affected.
  • ·Exploitation requires local authenticated access; this is not a remote unauthenticated attack vector. CVSS score is 3.3 (Low).

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.04.6MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P
vulncheck3.3LOW
cisa7.8HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.