Sunday, May 18, 2025
HomeSSL/TLSFortiOS SSL-VPN Bug Let Attackers Execute Arbitrary Code Remotely

FortiOS SSL-VPN Bug Let Attackers Execute Arbitrary Code Remotely

Published on

SIEM as a Service

Follow Us on Google News

A critical vulnerability in FortiOS SSL-VPN let attackers perform unauthenticated arbitrary code execution remotely, and this flaw has been tracked as CVE-2022-42475.

This vulnerability resides in FortiOS sslvpnd and it could potentially be exploited by unauthenticated attackers to perform code execution on vulnerable devices remotely.

In response to an actively exploited FortiOS SSL-VPN flaw, Fortinet strongly urged all its customers to immediately patch their appliances. 

- Advertisement - Google News

Moreover, a French cybersecurity firm known as Olympe Cyberdefense disclosed this zero-day vulnerability to the public for the first time.

Flaw Profile

  • CVE ID: CVE-2022-42475
  • Description: A heap-based buffer overflow bug.vul
  • CVSSv3 Score: 9.3
  • Severity: Critical
  • Impact: Execute unauthorized code or commands
  • IR Number: FG-IR-22-398
  • Date: Dec 12, 2022

This critical flaw was quietly fixed by Fortinet in FortiOS 7.2.3 on 28th November 2022. Even there is no information that has been released by Fortinet about how this zero-day vulnerability has been exploited by third parties.

On the 7th of December 2022, the company published a private TLP:Amber advisory in which it mentioned further details about this untold zero-day vulnerability.

Affected Products

Here below we have mentioned all the products that are affected:-

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.14

Solutions

Here below we have mentioned solutions offered by the company:-

  • Please upgrade to FortiOS version 7.2.3 or above
  • Please upgrade to FortiOS version 7.0.9 or above
  • Please upgrade to FortiOS version 6.4.11 or above
  • Please upgrade to FortiOS version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 7.0.8 or above
  • Please upgrade to FortiOS-6K7K version 6.4.10 or above
  • Please upgrade to FortiOS-6K7K version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 6.0.15 or above

For now, as a recommendation, experts have strongly urged users to immediately patch their vulnerable devices to prohibit the further exploitation of this flaw.

Apart from this, cybersecurity researchers have also recommended users monitor logs and disable the VPN-SSL functionality in case any user is unable to apply the patches right now. 

Even in order to limit the number of connections that can be made from a specific IP address, you should create access rules.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book

Latest articles

VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering...

Critical WordPress Plugin Flaw Puts Over 10,000 Sites of Cyberattack

A serious security flaw affecting the Eventin plugin, a popular event management solution for...

Sophisticated NPM Attack Leverages Google Calendar2 for Advanced Communication

A startling discovery in the npm ecosystem has revealed a highly sophisticated malware campaign...

New Ransomware Attack Targets Elon Musk Supporters Using PowerShell to Deploy Payloads

A newly identified ransomware campaign has emerged, seemingly targeting supporters of Elon Musk through...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

SonicWall SMA1000 Vulnerability Allow Attackers to Exploit Encoded URLs To Remotely Gain Internal Systems Access

SonicWall has issued a critical security advisory (SNWLID-2025-0010) for its SMA1000 Appliance Work Place...

Intruder vs. Acunetix vs. Attaxion: Comparing Vulnerability Management Solutions

The vulnerability management market is projected to reach US$24.08 billion by 2030, with numerous...

CISA Alerts on Active Exploitation of Zero-Day Vulnerability in Multiple Fortinet Products

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding...