CVE-2026-22627 Fortinet — Exploit & Vulnerability Details HIGH

CVE-2026-22627

HIGH CVSS 3.1: 8.8 EPSS 0.02%

Parameter	Value
CVSS	8.8 (HIGH)
Type	CWE-120 (Buffer Copy without Checking Size)
Vendor	Fortinet
Public PoC	No

A buffer copy without checking size of input ('classic buffer overflow') vulnerability in Fortinet FortiSwitchAXFixed 1.0.0 through 1.0.1 may allow an unauthenticated attacker within the same adjacent network to execute unauthorized code or commands on the device via sending a crafted LLDP packet.

Attack Parameters

Attack Vector

Adjacent

Requires local network access

Attack Complexity

Low

Easy to exploit

Privileges Required

None

No privileges needed

User Interaction

None

No user interaction needed

Impact Assessment

Confidentiality

High

Complete data leak

Integrity

High

Complete data modification

Availability

High

Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-120 Buffer Copy without Checking Size

References 1

https://fortiguard.fortinet.com/psirt/FG-IR-26-086

psirt@fortinet.com

Share Post Share Share Share

Related Vulnerabilities

CVE-2026-30897

Fortinet

6.6

CVE-2026-25972

Fortinet

4.3

CVE-2026-25836

Fortinet

7.2

CVE-2026-25689

Fortinet

6.5

CVE-2026-24641

Fortinet

2.7

Menu

CVE-2026-22627

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-30897

CVE-2026-25972

CVE-2026-25836

CVE-2026-25689

CVE-2026-24641

CVE Details

Editor's Choice

Menu

CVE-2026-22627

Attack Parameters

Impact Assessment

CVSS Vector v3.1

Weakness Type (CWE)

References 1

Related Vulnerabilities

CVE-2026-30897

CVE-2026-25972

CVE-2026-25836

CVE-2026-25689

CVE-2026-24641

CVE Details

Editor's Choice

Stay informed on cybersecurity