A critical vulnerability in FortiOS SSL-VPN, tracked as CVE-2022-42475, lets unauthenticated attackers execute arbitrary code remotely.
The vulnerability resides in FortiOS sslvpnd, and unauthenticated attackers could exploit it remotely to execute code on vulnerable devices.
In response to active exploitation of the FortiOS SSL-VPN flaw, Fortinet strongly urged all its customers to patch their appliances immediately.
The French cybersecurity firm Olympe Cyberdefense was the first to disclose this zero-day vulnerability to the public.
Fortinet quietly fixed this critical flaw in FortiOS 7.2.3 on 28th November 2022. Fortinet has not released any information about how third parties have exploited this zero-day vulnerability.
On the 7th of December 2022, the company published a private TLP:Amber advisory with further details about this previously undisclosed zero-day vulnerability.
The affected products are listed below:
The solutions offered by the company are listed below:
For now, experts strongly urge users to patch their vulnerable devices immediately to prevent further exploitation of this flaw.
Apart from this, cybersecurity researchers have also recommended that users monitor logs and disable the VPN-SSL functionality if they are unable to apply the patches right away.
In addition, you should create access rules to limit the number of connections that can be made from a specific IP address.