logo

CVE-2022-42475 - Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

CVE-2022-42475

Fortinet | FortiOS

  • Date Added:
  • 2022-12-13
  • Due Date:
  • 2023-01-03
Vulnerability Name

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

Description

Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply updates per vendor instructions.

Additional Notes
https://www.fortiguard.com/psirt/FG-IR-22-398; https://nvd.nist.gov/vuln/detail/CVE-2022-42475
Related News Articles

Free security scan for your website