Sunday, December 3, 2023

FortiOS SSL-VPN Bug Let Attackers Execute Arbitrary Code Remotely

A critical vulnerability in FortiOS SSL-VPN let attackers perform unauthenticated arbitrary code execution remotely, and this flaw has been tracked as CVE-2022-42475.

This vulnerability resides in FortiOS sslvpnd and it could potentially be exploited by unauthenticated attackers to perform code execution on vulnerable devices remotely.

In response to an actively exploited FortiOS SSL-VPN flaw, Fortinet strongly urged all its customers to immediately patch their appliances. 

Moreover, a French cybersecurity firm known as Olympe Cyberdefense disclosed this zero-day vulnerability to the public for the first time.

Flaw Profile

  • CVE ID: CVE-2022-42475
  • Description: A heap-based buffer overflow bug.vul
  • CVSSv3 Score: 9.3
  • Severity: Critical
  • Impact: Execute unauthorized code or commands
  • IR Number: FG-IR-22-398
  • Date: Dec 12, 2022

This critical flaw was quietly fixed by Fortinet in FortiOS 7.2.3 on 28th November 2022. Even there is no information that has been released by Fortinet about how this zero-day vulnerability has been exploited by third parties.

On the 7th of December 2022, the company published a private TLP:Amber advisory in which it mentioned further details about this untold zero-day vulnerability.

Affected Products

Here below we have mentioned all the products that are affected:-

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.14


Here below we have mentioned solutions offered by the company:-

  • Please upgrade to FortiOS version 7.2.3 or above
  • Please upgrade to FortiOS version 7.0.9 or above
  • Please upgrade to FortiOS version 6.4.11 or above
  • Please upgrade to FortiOS version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 7.0.8 or above
  • Please upgrade to FortiOS-6K7K version 6.4.10 or above
  • Please upgrade to FortiOS-6K7K version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 6.0.15 or above

For now, as a recommendation, experts have strongly urged users to immediately patch their vulnerable devices to prohibit the further exploitation of this flaw.

Apart from this, cybersecurity researchers have also recommended users monitor logs and disable the VPN-SSL functionality in case any user is unable to apply the patches right now. 

Even in order to limit the number of connections that can be made from a specific IP address, you should create access rules.

Secure Web Gateway – Web Filter Rules, Activity Tracking & Malware Protection – Download Free E-Book


Latest articles

Active Attacks Targeting Google Chrome & ownCloud Flaws: CISA Warns

The CISA announced two known exploited vulnerabilities active attacks targeting Google Chrome & own...

Cactus Ransomware Exploiting Qlik Sense code execution Vulnerability

A new Cactus Ransomware was exploited in the code execution vulnerability to Qlik Sense...

Hackers Bypass Antivirus with ScrubCrypt Tool to Install RedLine Malware

The ScrubCrypt obfuscation tool has been discovered to be utilized in attacks to disseminate the RedLine Stealer...

Hotel’s Hacked Logins Let Attacker Steal Guest Credit Cards

According to a recent report by Secureworks, a well-planned and advanced phishing attack was...

Critical Zoom Vulnerability Let Attackers Take Over Meetings

Zoom, the most widely used video conferencing platform has been discovered with a critical...

Hackers Using Weaponized Invoice to Deliver LUMMA Malware

Hackers use weaponized invoices to exploit trust in financial transactions, embedding malware or malicious...

US-Seized Crypto Currency Mixer Used by North Korean Lazarus Hackers

The U.S. Treasury Department sanctioned the famous cryptocurrency mixer Sinbad after it was claimed...

API Attack Simulation Webinar

Live API Attack Simulation

In the upcoming webinar, Karthik Krishnamoorthy, CTO and Vivek Gopalan, VP of Products at Indusface demonstrate how APIs could be hacked.The session will cover:an exploit of OWASP API Top 10 vulnerability, a brute force account take-over (ATO) attack on API, a DDoS attack on an API, how a WAAP could bolster security over an API gateway

Related Articles