Vulnerability in Fortinet Ips Engine

CVE-2023-40718

A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.

EPSS: 0.000 (9.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:F/RL:O/RC:R.

Affected products

Fortinet Ips Engine — versions 7.321, 7.166, 6.158

Weakness classification (CWE)

CWE-436

References

https://fortiguard.com/psirt/FG-IR-23-090

Frequently asked questions

What is CVE-2023-40718?: CVE-2023-40718 is a medium-severity vulnerability in Fortinet Ips Engine, classified under CWE-436. CVSS score: 6.7/10. Published 2023-10-10.
How severe is CVE-2023-40718?: Medium severity. CVSS v3 base score is 6.7 out of 10.