Critical Vulnerability in Fortinet's FortiOS
13 December 2022
Fortinet has released security updates to address a critical heap-based buffer overflow vulnerability (CVE-2022-42475) in FortiOS SSL-VPN.
Successful exploitation of the vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. This vulnerability is reportedly being actively exploited.
Users and administrators are advised to check their systems for any indicators of compromise (IOCs) such as unexpected files or processes running on their FortiGate devices. Please refer to the Fortinet advisory link below for more information on the IOCs.
Users and administrators using the following affected versions are advised to upgrade their software versions immediately:
- FortiOS version 7.2.0 through 7.2.2 (upgrade to FortiOS version 7.2.3 or above)
- FortiOS version 7.0.0 through 7.0.8 (upgrade to FortiOS version 7.0.9 or above)
- FortiOS version 6.4.0 through 6.4.10 (upgrade to FortiOS version 6.4.11 or above)
- FortiOS version 6.2.0 through 6.2.11 (upgrade to FortiOS version 6.2.12 or above)
- FortiOS-6K7K version 7.0.0 through 7.0.7 (upgrade to FortiOS-6K7K version 7.0.8 or above)
- FortiOS-6K7K version 6.4.0 through 6.4.9 (upgrade to FortiOS-6K7K version 6.4.10 or above)
- FortiOS-6K7K version 6.2.0 through 6.2.11 (upgrade to FortiOS-6K7K version 6.2.12 or above)
- FortiOS-6K7K version 6.0.0 through 6.0.14 (upgrade to FortiOS-6K7K version 6.0.15 or above)
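The version ranges above are easy to misread when checking a fleet by hand (6.4.10 is affected on FortiOS but already fixed on FortiOS-6K7K, and plain string comparison sorts "6.4.10" before "6.4.9"). The following script, an added example that is not Fortinet's or this advisory's own code, encodes the ranges exactly as listed and reports which fixed version each device needs; the product names, inventory format and hostnames are assumptions.

```python
"""Check whether a FortiOS build falls in a version range listed in the
advisory for CVE-2022-42475 and, if so, which fixed version to move to.
Added example, not Fortinet's code; the inventory rows are constructed."""
from __future__ import annotations

# (product, first affected, last affected, first fixed), as stated in the advisory.
AFFECTED_RANGES = [
    ("FortiOS", (7, 2, 0), (7, 2, 2), (7, 2, 3)),
    ("FortiOS", (7, 0, 0), (7, 0, 8), (7, 0, 9)),
    ("FortiOS", (6, 4, 0), (6, 4, 10), (6, 4, 11)),
    ("FortiOS", (6, 2, 0), (6, 2, 11), (6, 2, 12)),
    ("FortiOS-6K7K", (7, 0, 0), (7, 0, 7), (7, 0, 8)),
    ("FortiOS-6K7K", (6, 4, 0), (6, 4, 9), (6, 4, 10)),
    ("FortiOS-6K7K", (6, 2, 0), (6, 2, 11), (6, 2, 12)),
    ("FortiOS-6K7K", (6, 0, 0), (6, 0, 14), (6, 0, 15)),
]

def parse_version(text: str) -> tuple[int, int, int]:
    """Turn 'v7.2.1' or '7.2.1' into (7, 2, 1); reject anything else."""
    parts = text.strip().lstrip("vV").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised FortiOS version string: {text!r}")
    return int(parts[0]), int(parts[1]), int(parts[2])

def check_version(product: str, version: str) -> str | None:
    """Return the first fixed version if the build is in an affected range.
    None means 'not in a listed range', not 'clean'; the IOC check still applies.
    Tuples compare element-wise, so (6, 4, 10) > (6, 4, 9); strings would not."""
    v = parse_version(version)
    for prod, first, last, fixed in AFFECTED_RANGES:
        if prod == product and first <= v <= last:
            return ".".join(str(n) for n in fixed)
    return None

def triage_inventory(rows: list[str]) -> dict[str, str | None]:
    """Map 'hostname,product,version' rows to the upgrade each host needs."""
    result: dict[str, str | None] = {}
    for row in rows:
        host, product, version = (f.strip() for f in row.split(","))
        result[host] = check_version(product, version)
    return result

if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = ["fw-edge-01,FortiOS,7.2.2", "fw-edge-02,FortiOS,7.2.3",
              "fw-dc-01,FortiOS-6K7K,6.0.14", "fw-lab-01,FortiOS,6.4.10"]
    for host, fixed in triage_inventory(sample).items():
        print(f"{host}: {'upgrade to ' + fixed if fixed else 'not in a listed range'}")
```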
More information is available here: