CVE-2022-42475 Report - Details, Severity, & Advisories

Twingate Team

Dec 18, 2023

CVE-2022-42475 is a critical heap-based buffer overflow vulnerability affecting certain versions of FortiOS SSL-VPN and FortiProxy SSL-VPN software. The flaw allows a remote, unauthenticated attacker to execute arbitrary code or commands by sending specially crafted requests. To protect against it, upgrade the affected software to the fixed versions specified by the vendor.

How do I know if I'm affected?

If you're using FortiOS SSL-VPN or FortiProxy SSL-VPN, you might be affected by the vulnerability. The affected versions are FortiOS SSL-VPN 7.2.0 to 7.2.2, 7.0.0 to 7.0.8, 6.4.0 to 6.4.10, 6.2.0 to 6.2.11, and 6.0.15 and earlier; and FortiProxy SSL-VPN 7.2.0 to 7.2.1, and 7.0.7 and earlier. This security flaw allows remote attackers to execute code or commands without authentication. Keep an eye out for log entries with "Application crashed" and connections to suspicious IP addresses from your FortiGate device as potential signs of being affected.
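The two checks this section describes, a version-range test against the ranges quoted above and a filter for the "Application crashed" log indicator, as an added example that is not Twingate's or Fortinet's code. The version-string format handled (an optional leading "v" and an optional ",build…" suffix) and the sample log lines are assumptions constructed for the example.

```python
# Added example: decide whether a FortiOS / FortiProxy version string falls inside
# the affected ranges listed in the advisory, and pick out the log indicator it cites.
from typing import List, Tuple

Version = Tuple[int, int, int]

# Affected ranges exactly as listed in the advisory (inclusive bounds).
# "x and earlier" is expressed as a range starting at 0.0.0.
AFFECTED = {
    "fortios": [
        ((7, 2, 0), (7, 2, 2)),
        ((7, 0, 0), (7, 0, 8)),
        ((6, 4, 0), (6, 4, 10)),
        ((6, 2, 0), (6, 2, 11)),
        ((0, 0, 0), (6, 0, 15)),   # 6.0.15 and earlier
    ],
    "fortiproxy": [
        ((7, 2, 0), (7, 2, 1)),
        ((0, 0, 0), (7, 0, 7)),    # 7.0.7 and earlier
    ],
}


def parse_version(text: str) -> Version:
    """Parse '7.0.8', 'v7.0.8' or 'v7.0.8,build0418' (assumed formats) into a tuple."""
    core = text.strip().lstrip("v").split(",")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return (major, minor, patch)


def is_affected(product: str, version: str) -> bool:
    """True if `version` of `product` lies in any inclusive affected range."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED[product.lower()])


def crash_indicators(log_lines: List[str]) -> List[str]:
    """Return the log lines carrying the 'Application crashed' text the advisory cites."""
    return [line for line in log_lines if "Application crashed" in line]


# Constructed sample log lines (not real FortiGate output) to exercise the filter.
SAMPLE_LOG = [
    'date=2022-12-10 time=03:14:07 logdesc="Application crashed" msg="application sslvpnd"',
    'date=2022-12-10 time=03:14:09 logdesc="SSL VPN tunnel up" user="alice"',
]
```

A matching log line is a trigger for investigation, not proof of compromise; the version test tells you whether the device needs the upgrade regardless of what the logs show.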

What should I do if I'm affected?

If you're affected by the CVE-2022-42475 vulnerability, it's crucial to upgrade your FortiOS and FortiProxy software to the recommended versions. This will help protect your system from potential attacks. Follow the provided steps and update your software to ensure your system's security.

Is this in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, the CVE-2022-42475 vulnerability, also known as the Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability, is listed in CISA's Known Exploited Vulnerabilities Catalog. It was added on December 13, 2022, and the due date for required action is January 3, 2023. To address this vulnerability, organizations should apply updates according to the vendor's instructions.

Weakness enumeration

This vulnerability is classified under CWE-787 (Out-of-bounds Write) and CWE-197 (Numeric Truncation Error). Together these weaknesses are what allow a remote attacker to achieve unauthorized code execution.

For more details

The CVE-2022-42475 vulnerability is a critical issue affecting FortiOS SSL-VPN and FortiProxy SSL-VPN software. It's essential to take immediate action, such as upgrading to recommended software versions and disabling SSL-VPN if necessary. For a comprehensive understanding of this vulnerability, refer to the NVD page or the links below.
