CVE-2022-42475 Report - Details, Severity, Advisories and More

Twingate Team

Dec 18, 2023

CVE-2022-42475 is a critical heap-based buffer overflow vulnerability affecting certain versions of FortiOS SSL-VPN and FortiProxy SSL-VPN software. This security flaw allows remote unauthenticated attackers to execute arbitrary code or commands through specially crafted requests. To protect against this vulnerability, it is recommended to upgrade to the specified versions of the affected software.

How do I know if I'm affected by CVE-2022-42475?

If you're using FortiOS SSL-VPN or FortiProxy SSL-VPN, you might be affected by the CVE-2022-42475 vulnerability. The affected versions are FortiOS SSL-VPN 7.2.0 to 7.2.2, 7.0.0 to 7.0.8, 6.4.0 to 6.4.10, 6.2.0 to 6.2.11, and 6.0.15 and earlier; and FortiProxy SSL-VPN 7.2.0 to 7.2.1, and 7.0.7 and earlier. This security flaw allows remote attackers to execute code or commands without authentication. As potential signs of being affected, watch for log entries containing "Application crashed" and for connections from your FortiGate device to suspicious IP addresses.
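
An added example, not part of the original report or of any Fortinet tooling: it checks device versions against the ranges listed above and scans log lines for the "Application crashed" string. The host names, inventory and log lines are constructed, and reading "and earlier" as any lower version is an assumption.

```python
import re

# Affected ranges exactly as listed on this page (inclusive bounds).
# Assumption: "and earlier" is modelled as a lower bound of 0.0.0.
AFFECTED = {
    "fortios": [
        ((7, 2, 0), (7, 2, 2)),
        ((7, 0, 0), (7, 0, 8)),
        ((6, 4, 0), (6, 4, 10)),
        ((6, 2, 0), (6, 2, 11)),
        ((0, 0, 0), (6, 0, 15)),
    ],
    "fortiproxy": [((7, 2, 0), (7, 2, 1)), ((0, 0, 0), (7, 0, 7))],
}

def parse_version(text):
    """Extract the first 'major.minor.patch' triple from a string like 'v7.0.8'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no version found in {text!r}")
    return tuple(int(p) for p in m.groups())

def is_affected(product, version_text):
    """True if the version falls inside any range listed for the product."""
    v = parse_version(version_text)
    return any(lo <= v <= hi for lo, hi in AFFECTED[product.lower()])

def crash_log_hits(lines):
    """Return log lines that mention the 'Application crashed' indicator."""
    return [ln for ln in lines if "application crashed" in ln.lower()]

# Constructed inventory and log lines, for illustration only.
INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.0.8"),
    ("fw-edge-02", "FortiOS", "v7.2.3"),
    ("fw-lab-01", "FortiOS", "v6.4.10"),
    ("proxy-01", "FortiProxy", "v7.0.8"),
]
SAMPLE_LOGS = [
    'date=2022-12-10 time=03:12:44 logdesc="Application crashed" msg="(constructed sample)"',
    'date=2022-12-10 time=03:13:02 logdesc="Admin login successful" msg="(constructed sample)"',
]

if __name__ == "__main__":
    for host, product, ver in INVENTORY:
        print(host, product, ver, "AFFECTED" if is_affected(product, ver) else "not listed")
    for hit in crash_log_hits(SAMPLE_LOGS):
        print("review:", hit)
```

A version that falls outside these ranges is only "not listed" on this page; confirm the fixed release against the vendor advisory before closing the finding.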

What should I do if I'm affected by CVE-2022-42475?

If you're affected by the CVE-2022-42475 vulnerability, it's crucial to upgrade your FortiOS and FortiProxy software to the recommended versions. This will help protect your system from potential attacks. Follow the vendor's instructions when applying the update.

Where can I go to learn more?

For more information and resources on the CVE-2022-42475 vulnerability, check out the following references:

  • NVD - CVE-2022-42475: Provides a detailed description, severity, and analysis of the vulnerability.

  • FortiGuard PSIRT: Offers a summary, affected products, and solutions to mitigate the vulnerability, as well as a workaround to disable SSL-VPN.

Is CVE-2022-42475 in CISA’s Known Exploited Vulnerabilities Catalog?

Yes, the CVE-2022-42475 vulnerability, also known as the Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability, is listed in CISA's Known Exploited Vulnerabilities Catalog. It was added on December 13, 2022, and the due date for required action is January 3, 2023. To address this vulnerability, organizations should apply updates according to the vendor's instructions.

Weakness enumeration

The CVE-2022-42475 vulnerability involves two weakness types: Out-of-bounds Write and Numeric Truncation Error. These weaknesses can lead to unauthorized code execution by remote attackers.

For more details

The CVE-2022-42475 vulnerability is a critical issue affecting FortiOS SSL-VPN and FortiProxy SSL-VPN software. It's essential to take immediate action, such as upgrading to recommended software versions and disabling SSL-VPN if necessary. For a comprehensive understanding of this vulnerability, refer to the NVD page.
