CVE-2023-46715 — Vulnetix

CVE-2023-46715 PUBLISHED

Es besteht eine Schwachstelle in Fortinet FortiOS. Diese Schwachstelle betrifft das IPSec-VPN aufgrund eines Ursprungsvalidierungsfehlers, der IP-Spoofing ermöglicht. Ein entfernter, authentisierter Angreifer kann diese Schwachstelle ausnutzen, um die IP-Adresse eines anderen Benutzers zu fälschen, indem er manipulierte Netzwerkpakete sendet.

EPSS 0.21% · 43.9th percentile

Risk Scores

EPSS Score

0.21%

43.9th percentile

Affected Products

Vendor	Product	Versions
Fortinet	Fortinet FortiOS

Exploit Intelligence

rules.yar (github-yara)
rules.yar (github-yara)
rules.yar (github-yara)
rules.yar (github-yara)
rules.yar (github-yara)
rules.yar (github-yara)

Timeline

Jan 14, 2025 CVE Published
Jan 14, 2025 CVE Updated
Jan 15, 2025 EPSS Score
Jan 31, 2025 EPSS Score
Feb 15, 2025 EPSS Score
Mar 3, 2025 EPSS Score
Mar 18, 2025 EPSS Score
Apr 3, 2025 EPSS Score
Apr 18, 2025 EPSS Score
Apr 28, 2025 PoC Published
May 4, 2025 EPSS Score
May 19, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0088.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0088 advisory
https://www.fortiguard.com/psirt/FG-IR-23-473 advisory
https://www.fortiguard.com/psirt/FG-IR-24-326 advisory
https://www.fortiguard.com/psirt/FG-IR-24-250 advisory
https://www.fortiguard.com/psirt/FG-IR-24-219 advisory
https://www.fortiguard.com/psirt/FG-IR-24-267 advisory
https://www.fortiguard.com/psirt/FG-IR-24-266 advisory
https://www.fortiguard.com/psirt/FG-IR-23-407 advisory
https://www.fortiguard.com/psirt/FG-IR-23-293 advisory
https://www.fortiguard.com/psirt/FG-IR-24-373 advisory
https://www.fortiguard.com/psirt/FG-IR-24-282 advisory

Open in Interactive Console →