Description
A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.
References (1)
Scores
CVSS v3
7.5
EPSS
0.0003
EPSS Percentile
9.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
yes
Technical Impact
partial
Details
CWE
CWE-436
Status
published
Products (1)
fortinet/fortios_ips_engine
< 7.312
Published
Oct 10, 2023
Tracked Since
Feb 18, 2026