Fortinet Security Updates – 13 December 2022

Fortinet has released security updates to fix a critical zero-day vulnerability in FortiOS and FortiOS-6k7k.

The addressed vulnerability could allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests and gain access to the affected product.

FortiOS heap-based buffer overflow in sslvpnd (CVE-2022-42475):

• CVSS: 9.3

• Attack Vector: Network

• Attack Complexity: Low

• Privileges Required: None

• User Interaction: None

• Consequences: Gain Access

Fortinet is aware that this vulnerability has been exploited in the wild.

Indicators of Compromise

Indicators of compromise will be shared with EG-FinCIRT’s constituents.

Vulnerabilities

• CVE-2022-42475

Mitigations

• The enterprise should deploy this patch as soon as the testing phase is completed.

Fortinet Security Advisory

• Search for the mentioned IOCs against the FortiGate device.

• Block IP-based IOCs at the organization’s security devices.
