Skip to main content

Public advisory of scammers impersonating CSA and the SPF

Stay vigilant. Read the public advisory

Cyber Security Agency of Singapore
  1. Home
  2. Alerts & Advisories
  3. Alerts
  4. Critical Vulnerability in FortiADC
Alerts

Critical Vulnerability in FortiADC

5 January 2023

Fortinet has released security updates to address an OS Command vulnerability (CVE-2022-39947) in FortiADC.  

Successful exploitation of the vulnerability may allow an authenticated attacker with access to web GUI to execute unauthorised code or commands via specifically crafted HTTP requests.

The following versions of the products are affected by the vulnerability: 

  • FortiADC version 7.0.0 through 7.0.1

  • FortiADC version 6.2.0 through 6.2.3

  • FortiADC version 5.4.0 through 5.4.5

  • FortiADC all versions 6.1

  • FortiADC all versions 6.0

Users and administrators of the affected product versions are advised to upgrade to the latest versions immediately. 

More information is available here:

https://www.fortiguard.com/psirt/FG-IR-22-061

https://www.cisa.gov/uscert/ncas/current-activity/2023/01/04/fortinet-releases-security-updates-fortiadc

Back to top