A buffer underwrite (CWE-124) vulnerability in the firmware verification routine of FortiWeb, FortiOS, FortiSwitch, FortiADC, FortiAI, FortiManager, FortiAnalyzer, FortiProxy may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.