Out-of-bounds Write in FortiADC

Successful exploitation may allow arbitrary code execution in the context of the affected FortiADC service. This could enable an authenticated attacker to install programs, manipulate or delete data, create accounts, or otherwise fully compromise the affected appliance or its application context, depending on the privileges of the vulnerable process.

If immediate patching is not possible, reduce exposure of the FortiADC management and application interfaces to trusted networks only, restrict access to authenticated users with least privilege, monitor for anomalous or malformed HTTP requests, and implement network segmentation and compensating controls such as WAF or reverse-proxy filtering where feasible. Increased logging, alerting, and review of administrative activity are also advisable until remediation is completed.

Upgrade FortiADC to a fixed release provided by Fortinet. The supplied content identifies the affected versions as 8.0.0, 7.6.0 through 7.6.2, 7.4.0 through 7.4.7, and all versions of 7.2, 7.1, 7.0, and 6.2; organizations should move to a vendor-remediated version outside those ranges in accordance with Fortinet's advisory. Apply normal patch-management validation and prioritize internet-exposed and high-value administrative interfaces.