{"cve":{"cve_id":"CVE-2024-23113","is_kev":true,"kev_date_added":"2024-10-09","kev_vendor_project":"Fortinet","kev_product":"Multiple Products","kev_vulnerability_name":"Fortinet Multiple Products Format String Vulnerability","kev_short_description":"Fortinet FortiOS, FortiPAM, FortiProxy, and FortiWeb contain a format string vulnerability that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.","kev_required_action":"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.","kev_due_date":"2024-10-30","kev_known_ransomware":false,"kev_notes":"https://www.fortiguard.com/psirt/FG-IR-24-029 ; https://nvd.nist.gov/vuln/detail/CVE-2024-23113","kev_cwes":["CWE-134"],"epss_score":0.61725,"epss_percentile":0.99055,"epss_as_of":"2026-06-23","description":"A use of externally-controlled format string in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, FortiPAM versions 1.2.0, 1.1.0 through 1.1.2, 1.0.0 through 1.0.3, FortiSwitchManager versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.3 allows attacker to execute unauthorized code or commands via specially crafted 
packets.","published_at":"2024-02-15T13:59:25.313000Z","last_modified_at":null,"cvss_v3_score":9.8,"cvss_v3_vector":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C","cvss_v3_severity":"CRITICAL","cvss_v4_score":null,"cvss_v4_vector":null,"cvss_v4_severity":null,"ssvc_decision":null,"ssvc_exploitation":"active","ssvc_automatable":true,"ssvc_technical_impact":"total","cwes":["CWE-134"],"nvd_references":["https://fortiguard.com/psirt/FG-IR-24-029"],"vuln_status":null,"trending_score":null,"is_trending":false,"has_trended":false,"trended_number_one":false,"trending_peak_score":null,"trending_peak_rank":null,"started_trending_at":null,"trended_number_one_at":null,"summary_generated":null,"summary_generated_at":null,"summary_model":null,"created_at":"2026-06-24T00:09:31.350578Z","updated_at":"2026-06-29T01:52:43.586964Z"},"effective_severity":"CRITICAL","badges":["kev","epss"],"impact_analysis":[],"cvss_v3_decoded":{"version":"3.1","metrics":[{"metric":"AV","name":"Attack Vector","value":"N","value_label":"Network"},{"metric":"AC","name":"Attack Complexity","value":"L","value_label":"Low"},{"metric":"PR","name":"Privileges Required","value":"N","value_label":"None"},{"metric":"UI","name":"User 
Interaction","value":"N","value_label":"None"},{"metric":"S","name":"Scope","value":"U","value_label":"Unchanged"},{"metric":"C","name":"Confidentiality","value":"H","value_label":"High"},{"metric":"I","name":"Integrity","value":"H","value_label":"High"},{"metric":"A","name":"Availability","value":"H","value_label":"High"},{"metric":"E","name":"Exploit Code Maturity","value":"H","value_label":"High"},{"metric":"RL","name":"Remediation Level","value":"U","value_label":"Unavailable"},{"metric":"RC","name":"Report Confidence","value":"C","value_label":"Confirmed"}]},"cvss_v4_decoded":{"version":null,"metrics":[]},"affected":[{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortios","product_name":"FortiOS","version_start":"7.4.0","version_start_inclusive":true,"version_end":"7.4.2","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortios:7.4.0:7.4.2"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortios","product_name":"FortiOS","version_start":"7.2.0","version_start_inclusive":true,"version_end":"7.2.6","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortios:7.2.0:7.2.6"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortios","product_name":"FortiOS","version_start":"7.0.0","version_start_inclusive":true,"version_end":"7.0.13","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortios:7.0.0:7.0.13"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortipam","product_name":"fortipam","version_start":"1.1.0","version_start_inclusive":true,"version_end":"1.1.2","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortipam:1.1.0:1.1.2"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortipam","product_name":"fortipam","version_start":"1.0.0","version_start_inclusive":true,"version_end":"1.0.3","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortipam:1.0.0:1.0.3"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortipam","product_name":"fortipam","version_start":"1.2.0","version_
start_inclusive":true,"version_end":"1.2.0","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortipam:1.2.0:1.2.0"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortiproxy","product_name":"fortiproxy","version_start":"7.0.0","version_start_inclusive":true,"version_end":"7.0.15","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortiproxy:7.0.0:7.0.15"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortiproxy","product_name":"fortiproxy","version_start":"7.4.0","version_start_inclusive":true,"version_end":"7.4.2","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortiproxy:7.4.0:7.4.2"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortiproxy","product_name":"fortiproxy","version_start":"7.2.0","version_start_inclusive":true,"version_end":"7.2.8","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortiproxy:7.2.0:7.2.8"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortiswitchmanager","product_name":"fortiswitchmanager","version_start":"7.0.0","version_start_inclusive":true,"version_end":"7.0.3","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortiswitchmanager:7.0.0:7.0.3"},{"vendor_slug":"fortinet","vendor_name":"fortinet","product_slug":"fortiswitchmanager","product_name":"fortiswitchmanager","version_start":"7.2.0","version_start_inclusive":true,"version_end":"7.2.3","version_end_inclusive":true,"cpe23_uri":"cve5:fortinet:fortiswitchmanager:7.2.0:7.2.3"}],"exploit_refs":[],"news":[],"references":[{"url":"https://fortiguard.com/psirt/FG-IR-24-029","source_type":"VENDOR_ADVISORY","tags":["advisory"]}],"timeline":[{"type":"published","at":"2024-02-15T13:59:25.313000Z","label":"CVE published","source":null},{"type":"cisa_reported","at":"2024-10-09T00:00:00Z","label":"Added to CISA KEV catalog","source":"kev"},{"type":"cvss_changed","at":"2026-06-28T17:34:07.300321Z","label":"CVSS score 
revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:07.300321Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"cvss_changed","at":"2026-06-28T17:34:07.300321Z","label":"CVSS score revised","source":"cvelistv5"},{"type":"ssvc_changed","at":"2026-06-29T01:52:43.586964Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:52:43.586964Z","label":"SSVC decision revised","source":"vulnrichment"},{"type":"ssvc_changed","at":"2026-06-29T01:52:43.586964Z","label":"SSVC decision revised","source":"vulnrichment"}]}