CVE-2026-22627

HIGH

Fortinet FortiSwitchAXFixed 1.0.0-1.0.1 - Buffer Overflow

Title source: llm

Description

A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet.

References (1)

[Various Sources] https://fortiguard.fortinet.com/psirt/FG-IR-26-086

Scores

CVSS v3 8.8

EPSS 0.0003

EPSS Percentile 9.1%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-120

Status published

Products (1)

fortinet/fortiswitchaxfixed 1.0.0 - 1.0.2

Published Mar 10, 2026

Tracked Since Mar 11, 2026