Fortiguard Firewall heap-based buffer overflow Vulnerability

13 Dec / 2022

Cyber Security

Fortiguard Firewall heap-based buffer overflow Vulnerability

CVE: CVE-2022-42475


What is Vulnerable:

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.14

What's Happened:

On December 12 Fortinet published a security bulletin for a vulnerability allowing remote execution of arbitrary code on affected firewalls to enable initial access by malicious actors.

Fortinet have advised that this vulnerability is being exploited in the wild, and recommends that you immediately update your systems to the latest versions of FortiOS.

What you can do:


Resources

You may be interested in

4 Times Security Monitoring Technology Alone will Fail to Prevent Attack

With clear advantages over its reactive alternatives, Managed Detection & Response (MDR) is fast becoming the world’s most popular security so…

Read More arrow_forward

Data Harvester Parading as a Legitimate Application -ZoomInfoContactContributor.exe

What is Happening?Cythera are reporting a significant increase in the installation of a potentially unwanted application called ZoomInfo Contact…

Read More arrow_forward

The Perfect 10 - Remote Code Execution in Apache Log4j Requiring Emergency Patching

CVE: CVE-2021-44228 CVSS Score: 10 (Critical)What Is Vulnerable?: Apache Log4j Version 2.15-rc1 or prior. (All version prior to 2.15-rc1 are vu…

Read More arrow_forward