June 3, 2021
Severity
Medium
Analysis Summary
CVE-2021-26094
Multiple instances of stack-based buffer overflow vulnerability in the command line interface of FortiWLC may allow a local, authenticated attacker to crash the access point being managed by the controller and potentially execute unauthorized code via a specifically crafted CLI command.
Impact
- Remote code execution
- Denial of Service
Affected Vendors
Fortinet
Affected Products
- FortiWLC version 8.6.0 and below
- FortiWLC version 8.5.3 and below
Remediation
Upgrade FortiWLC to version 8.6.1 or above, or to version 8.5.4 or above.