CVE-2022-42475 - Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
CVE-2022-42475
Fortinet | FortiOS
- Date Added:
- 2022-12-13
- Due Date:
- 2023-01-03
- Vulnerability Name
Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability
- Description
Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.fortiguard.com/psirt/FG-IR-22-398; https://nvd.nist.gov/vuln/detail/CVE-2022-42475
- Related News Articles
Free security scan for your website