WEB Fortinet FortiOS SSL VPN Heap Buffer Overflow (CVE-2022-42475)

Rule ID

1232132

Severity

Critical

Description

A heap-based buffer overflow vulnerability in FortiOS SSL VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Buffer Overflow

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

CVE-2022-42475

T1190

T1574

T1499.004

T0814

T1210

T0866

T0819

Keyword

N/A

Created At

2023/01/30

Updated At

2023/03/15

This website uses cookies to ensure you get the best experience on our website.

Learn more