FORTIGUARD FIREWALL HEAP-BASED BUFFER OVERFLOW VULNERABILITY - CVE-2022-25610

09 Mar / 2023


CVE: CVE-2022-25610


What is Vulnerable

  • FortiOS version 7.2.0 through 7.2.3
  • FortiOS version 7.0.0 through 7.0.9
  • FortiOS version 6.4.0 through 6.4.11
  • FortiOS version 6.2.0 through 6.2.12
  • FortiOS 6.0 all versions
  • FortiProxy version 7.2.0 through 7.2.2
  • FortiProxy version 7.0.0 through 7.0.8
  • FortiProxy version 2.0.0 through 2.0.11
  • FortiProxy 1.2 all versions
  • FortiProxy 1.1 all versions

WHAT'S HAPPENED:

Fortinet have published a security bulletin for a heap-based buffer overflow vulnerability that allows remote execution of arbitrary code on affected firewalls, which malicious actors could use to gain initial access.

WHAT YOU CAN DO:

Cythera is continuing to monitor all Managed Detection and Managed Vulnerability clients.
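
To check your own fleet against the version list under "What is Vulnerable", the following added example (not Cythera's or Fortinet's code) classifies a device inventory by product and firmware version. The CSV layout, hostnames and status labels are assumptions made for illustration; the ranges are copied from the list above.

```python
import csv
import io
import re

# Inclusive patch ranges per (major, minor) branch, copied from the list above.
# None means the page lists "all versions" of that branch.
AFFECTED = {
    "FortiOS": {(7, 2): (0, 3), (7, 0): (0, 9), (6, 4): (0, 11),
                (6, 2): (0, 12), (6, 0): None},
    "FortiProxy": {(7, 2): (0, 2), (7, 0): (0, 8), (2, 0): (0, 11),
                   (1, 2): None, (1, 1): None},
}
VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)$")

def classify(product, version):
    """Return 'affected', 'not listed', or 'review' (input cannot be judged)."""
    branches = AFFECTED.get(product.strip())
    match = VERSION_RE.match(version.strip())
    if branches is None or match is None:
        return "review"  # unknown product or unparseable version string
    major, minor, patch = (int(part) for part in match.groups())
    if (major, minor) not in branches:
        return "not listed"
    bounds = branches[(major, minor)]
    if bounds is None or bounds[0] <= patch <= bounds[1]:
        return "affected"
    return "not listed"

def triage(inventory_csv):
    """Map each hostname in a hostname,product,version CSV to its status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {row["hostname"]: classify(row["product"], row["version"]) for row in rows}

# Constructed sample inventory (hypothetical hostnames), not data from the page.
SAMPLE_INVENTORY = """hostname,product,version
fw-edge-01,FortiOS,7.2.3
fw-edge-02,FortiOS,v7.2.4
fw-branch-01,FortiOS,6.0.16
proxy-01,FortiProxy,2.0.11
proxy-02,FortiProxy,7.0.9
fw-lab-01,FortiOS,7.0
"""

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:14} {status}")
```

A "not listed" result only means the version falls outside the ranges on this page; "review" marks entries that need a manual look, such as an incomplete version string.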
