You are currently viewing Fortinet Fixes Actively Exploited FortiOS SSL-VPN Flaw Allowing Remote Code Execution

Fortinet Fixes Actively Exploited FortiOS SSL-VPN Flaw Allowing Remote Code Execution

Fortinet has issued an advisory warning about a critical heap-based buffer overflow vulnerability in multiple versions of its FortiOS SSL-VPN software. Fortinet VPN Flaw vulnerability, tracked as CVE-2022-42475, has been assigned a severity score of 9.3 on the standard vulnerability scoring system. However, a vulnerability management tool can detect this. This means that the flaw is considered highly critical and could be exploited by an unauthenticated, remote attacker to perform arbitrary code on the affected system. Fortinet recommends that all users of the affected software update to the latest version as soon as possible to protect against this vulnerability.

Fortinet has released patches to fix the Fortinet VPN Flaw vulnerability and recommends that all users upgrade to the latest software version to protect against it. The company also recommends that users update to the latest version or to an earlier unaffected version of FortiOS (Please note that downgrading might open other critical vulnerabilities). Also, auto patching will be useful to patch this vulnerability. Fortinet said that it is continuing to monitor the situation.

Fortinet advises checking your systems quickly for the following signs of compromise because it is aware of a situation in which this vulnerability was used in the wild.

Fortinet

Since the COVID-19 epidemic started, there has been an increase in attacks targeting VPNs as more people began working remotely. In October of this year, Another severe flaw in FortiOS allowed attackers to bypass authentication and was actively used in the field. This latest vulnerability is another example of the ongoing threat to VPNs.

Affected Products in Fortinet VPN Flaw

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.1

Impact

Successful exploitation of the vulnerability allows remote attackers to execute arbitrary code.

Solution

  • Please upgrade to FortiOS version 7.2.3 or above
  • Please upgrade to FortiOS version 7.0.9 or above
  • Please upgrade to FortiOS version 6.4.11 or above
  • Please upgrade to FortiOS version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 7.0.8 or above
  • Please upgrade to FortiOS-6K7K version 6.4.10 or above
  • Please upgrade to FortiOS-6K7K version 6.2.12 or above
  • Please upgrade to FortiOS-6K7K version 6.0.15 or above

SanerNow Network Scanner detects this vulnerability. Use SanerNow and keep your systems updated and secure.

Tags: , , ,