FORTIGUARD FIREWALL HEAP-BASED BUFFER OVERFLOW VULNERABILITY - CVE-2022-25610

09 Mar / 2023

Cyber Security

FORTIGUARD FIREWALL HEAP-BASED BUFFER OVERFLOW VULNERABILITY

CVE: CVE-2022-25610


What is Vulnerable

  • FortiOS version 7.2.0 through 7.2.3
  • FortiOS version 7.0.0 through 7.0.9
  • FortiOS version 6.4.0 through 6.4.11
  • FortiOS version 6.2.0 through 6.2.12
  • FortiOS 6.0 all versions
  • FortiProxy version 7.2.0 through 7.2.2
  • FortiProxy version 7.0.0 through 7.0.8
  • FortiProxy version 2.0.0 through 2.0.11
  • FortiProxy 1.2 all versions
  • FortiProxy 1.1 all versions

WHAT'S HAPPENED:

Fortinet have published a security bulletin for a vulnerability allowing remote execution of arbitrary code on affected firewalls to enable initial access by malicious actors.

WHAT YOU CAN DO:

Cythera is continuing to monitor all Managed Detection and Managed Vulnerability clients.

Resources

You may be interested in

Don’t Fall for the ‘Tick + Flick’ Trap: The difference between a true MDR and Tick + Flick Service

An objection some customers have when we first connect is that they “already use a Managed Detection and Response service”, yet a little dig…

Read More arrow_forward

What is Endpoint Protection?

What is Endpoint Protection? With modern business practices requiring an increased amount of network and cloud based operations it’s rare for…

Read More arrow_forward

Protecting a distributed workforce.

COVID-19 has quickly switched many organisations to full work remote / from home policies, and IT teams are dusting off disaster recovery and bu…

Read More arrow_forward