CVE-2023-46718 – This CVE describes a stack-based buffer overflo... (How to Fix)

Q: What is the severity of CVE-2023-46718?

CVE-2023-46718 has a CVSS score of 6.7 (MEDIUM). This CVE describes a stack-based buffer overflow vulnerability in Fortinet FortiOS that allows attackers to execute arbitrary code or commands via specially crafted CLI commands. The vulnerability affects multiple FortiOS versions across major release branches. Organizations using affected FortiOS versions on their FortiGate devices are at risk.

📋 TL;DR

This CVE describes a stack-based buffer overflow vulnerability in Fortinet FortiOS that allows attackers to execute arbitrary code or commands via specially crafted CLI commands. The vulnerability affects multiple FortiOS versions across major release branches. Organizations using affected FortiOS versions on their FortiGate devices are at risk.

💻 Affected Systems

Products:

Fortinet FortiOS

Versions: 7.4.0-7.4.1, 7.2.0-7.2.7, 7.0.0-7.0.12, 6.4.6-6.4.15, 6.2.9-6.2.16, 6.0.13-6.0.18

Operating Systems: FortiOS

Default Config Vulnerable: ⚠️ Yes

Notes: Affects FortiGate devices running vulnerable FortiOS versions. Requires CLI access to exploit.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise allowing attacker to gain root privileges, install persistent backdoors, pivot to internal networks, and exfiltrate sensitive data.

🟠

Likely Case

Attacker gains administrative access to the FortiGate device, enabling configuration changes, traffic interception, and lateral movement to connected networks.

🟢

If Mitigated

Limited impact due to network segmentation, restricted CLI access, and proper authentication controls preventing exploitation.

🌐 Internet-Facing: MEDIUM - Requires CLI access which is typically not exposed to internet, but could be reached through compromised management interfaces.

🏢 Internal Only: HIGH - Internal attackers or those who have gained initial foothold can exploit this to escalate privileges and move laterally.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires authenticated CLI access. Exploitation involves crafting specific CLI commands to trigger buffer overflow.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: FortiOS 7.4.2, 7.2.8, 7.0.13, 6.4.16, 6.2.17, 6.0.19 and later

Vendor Advisory: https://fortiguard.fortinet.com/psirt/FG-IR-23-354

Restart Required: No

Instructions:

1. Log into FortiGate web interface. 2. Navigate to System > Firmware. 3. Upload and install the patched firmware version. 4. Verify installation and configuration integrity.

🔧 Temporary Workarounds

Restrict CLI Access

all

Limit CLI access to trusted administrative accounts and networks only

config system admin
edit <admin_user>
set trusthost1 <trusted_ip>/<mask>
end

Enable CLI Session Logging

all

Enable detailed logging of CLI sessions for detection and auditing

config log setting
set cli-audit-log enable
end

🧯 If You Can't Patch

Implement strict network segmentation to isolate FortiGate management interfaces
Enforce multi-factor authentication for all administrative accounts

🔍 How to Verify

Check if Vulnerable:

Check FortiOS version via CLI: 'get system status' or web interface: Dashboard > Status

Check Version:

get system status | grep Version

Verify Fix Applied:

Verify installed version is equal to or higher than patched versions listed in vendor advisory

📡 Detection & Monitoring

Log Indicators:

Unusual CLI command patterns
Multiple failed CLI authentication attempts
CLI sessions from unexpected source IPs

Network Indicators:

Unusual traffic patterns from FortiGate management interfaces
Anomalous outbound connections from FortiGate

SIEM Query:

source="fortigate" AND (event_type="cli" AND command="*" AND user!="expected_admin")

📊 Metadata

CVE ID: CVE-2023-46718

CVSS v3 Score: 6.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-121

EPSS Score: 0.02% exploit probability (6.1th percentile)

Published: October 14, 2025

Last Updated: October 16, 2025

🔗 References

https://fortiguard.fortinet.com/psirt/FG-IR-23-354 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2023-46718, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Fortios by Fortinet

Fortios by Fortinet

Fortios by Fortinet

Fortios by Fortinet

Fortios by Fortinet

Fortiproxy by Fortinet

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Restrict CLI Access

Enable CLI Session Logging

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities