CVE-2024-46669 LOW

CVE-2024-46669

Vendor Fortinet
Product FortiOS
Weakness CWE-190
Published January 14, 2025
Last update January 14, 2026

CVSS base score

3.2/10
Attack vector Adjacent
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:P/RL:X/RC:R

What the vulnerability does

01Description

An Integer Overflow or Wraparound vulnerability [CWE-190] in version 7.4.4 and below, version 7.2.10 and below; FortiSASE version 23.4.b FortiOS tenant IPsec IKE service may allow an authenticated attacker to crash the IPsec tunnel via crafted requests, resulting in potential denial of service.

Key dates

02Disclosure timeline

January 14, 2025 CVE published
January 14, 2026 Record updated