FortiOS Heap-Based Buffer Overflow in SSL-VPN - 20230117003

Overview

FortiGuard has advised that a heap-based buffer overflow vulnerability in FortiOS SSL-VPN may allow a remote, unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

What is the vulnerability?

CVE-2022-42475 - CVSS Score 9.3

What is vulnerable?

The vulnerability affects the following products:

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS version 6.0.0 through 6.0.15
  • FortiOS version 5.6.0 through 5.6.14
  • FortiOS version 5.4.0 through 5.4.13
  • FortiOS version 5.2.0 through 5.2.15
  • FortiOS version 5.0.0 through 5.0.14
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.14
  • FortiProxy version 7.2.0 through 7.2.1
  • FortiProxy version 7.0.0 through 7.0.7
  • FortiProxy version 2.0.0 through 2.0.11
  • FortiProxy version 1.2.0 through 1.2.13
  • FortiProxy version 1.1.0 through 1.1.6
  • FortiProxy version 1.0.0 through 1.0.7
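Matching an asset inventory against the version ranges above is the first triage step, and inclusive three-part ranges such as "6.4.0 through 6.4.10" are easy to get wrong with string comparison (where "6.4.9" sorts after "6.4.10"). The following is an added example, not part of this advisory or of any Fortinet tooling: it encodes the affected ranges listed above, parses version strings into integer tuples, and classifies constructed sample inventory rows. Hostnames, the inventory layout, and the function names are assumptions. A version that falls outside every listed range is reported only as not matching this list; whether it is a fixed build is a question for the vendor advisory, which the page links below.

```python
"""Affected-version triage for CVE-2022-42475 (FortiOS / FortiProxy SSL-VPN).

Added example. The ranges are copied from the advisory's "What is vulnerable"
list; the inventory rows are constructed sample data, not real hosts.
"""
import re
from typing import Optional, Tuple

# (product, first affected, last affected), both ends inclusive, as listed in the advisory.
AFFECTED_RANGES = [
    ("FortiOS", "7.2.0", "7.2.2"),
    ("FortiOS", "7.0.0", "7.0.8"),
    ("FortiOS", "6.4.0", "6.4.10"),
    ("FortiOS", "6.2.0", "6.2.11"),
    ("FortiOS", "6.0.0", "6.0.15"),
    ("FortiOS", "5.6.0", "5.6.14"),
    ("FortiOS", "5.4.0", "5.4.13"),
    ("FortiOS", "5.2.0", "5.2.15"),
    ("FortiOS", "5.0.0", "5.0.14"),
    ("FortiOS-6K7K", "7.0.0", "7.0.7"),
    ("FortiOS-6K7K", "6.4.0", "6.4.9"),
    ("FortiOS-6K7K", "6.2.0", "6.2.11"),
    ("FortiOS-6K7K", "6.0.0", "6.0.14"),
    ("FortiProxy", "7.2.0", "7.2.1"),
    ("FortiProxy", "7.0.0", "7.0.7"),
    ("FortiProxy", "2.0.0", "2.0.11"),
    ("FortiProxy", "1.2.0", "1.2.13"),
    ("FortiProxy", "1.1.0", "1.1.6"),
    ("FortiProxy", "1.0.0", "1.0.7"),
]

# Accepts "7.0.8" or "v7.0.8"; anything else (e.g. a bare build number) is unparseable.
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) as ints, or None if the string is not a x.y.z version."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(product: str, version: str) -> Optional[bool]:
    """True if product/version lies inside a listed range, False if it matches none,
    None if the version cannot be parsed (treat as 'needs manual review')."""
    v = parse_version(version)
    if v is None:
        return None
    for prod, lo, hi in AFFECTED_RANGES:
        # Integer tuple comparison, so 6.4.9 < 6.4.10 as intended.
        if prod.lower() == product.lower() and parse_version(lo) <= v <= parse_version(hi):
            return True
    return False


def triage(inventory):
    """Group (host, product, version) rows into affected / not_affected / unknown."""
    result = {"affected": [], "not_affected": [], "unknown": []}
    for host, product, version in inventory:
        verdict = is_affected(product, version)
        key = "unknown" if verdict is None else ("affected" if verdict else "not_affected")
        result[key].append(host)
    return result


# Constructed sample inventory (hypothetical hosts).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "7.0.8"),        # last version in an affected range
    ("fw-edge-02", "FortiOS", "7.2.3"),        # just past the 7.2.x range
    ("fw-dc-01", "FortiOS-6K7K", "6.4.10"),    # affected for FortiOS, but not for 6K7K
    ("proxy-01", "FortiProxy", "2.0.11"),      # last version in an affected range
    ("fw-lab", "FortiOS", "build1639"),        # unparseable: flag for manual review
]

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
```

The product string is compared case-insensitively but otherwise exactly, so an inventory that records 6K7K platforms simply as "FortiOS" will be triaged against the wrong range; normalise the product column before relying on the result.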

Additionally, FortiGuard has provided information on how to check for the presence of indicators of compromise in its Knowledgebase Article: https://www.fortiguard.com/psirt/FG-IR-22-398

What has been observed?

Fortinet is aware of an instance where this vulnerability was exploited in the wild, and recommends immediately validating your systems against the indicators of compromise published in the vendor advisory linked above.

Recommendation

Due to the report of active exploitation, it is strongly recommended to patch this vulnerability within 2 weeks across all affected platforms as per vendor instructions: https://www.fortiguard.com/psirt/FG-IR-22-398