FortiOS SSL-VPN Buffer Overflow Vulnerability
CVE-2022-42475
Key Information:
- Vendor: Fortinet
- Status
- Vendor
- CVE Published: 2 January 2023
What is CVE-2022-42475?
CVE-2022-42475 is a critical vulnerability found in FortiOS, the operating system used by Fortinet for their network security products, particularly in its SSL-VPN feature. This vulnerability arises from a heap-based buffer overflow, which allows attackers to send specially crafted requests that could lead to arbitrary code execution. The impact of this vulnerability is significant, as it could allow unauthorized individuals to take control of affected systems, compromising sensitive data and potentially leading to extensive disruptions in organizational operations.
Technical Details
CVE-2022-42475 affects multiple versions of FortiOS SSL-VPN, ranging from 6.0.15 and earlier to 7.2.2. The vulnerability occurs during request handling, where mishandled buffer allocations allow an overflow, giving an attacker the opportunity to execute malicious code remotely without authentication. Additionally, FortiProxy SSL-VPN versions 7.0.7 and earlier show similar vulnerabilities, so several systems within the Fortinet ecosystem are at risk.
Potential Impact of CVE-2022-42475
- Remote Code Execution: The most severe impact is the ability for an unauthenticated remote attacker to execute arbitrary code on the vulnerable system, which could facilitate complete system control.
- Data Breach Risk: Exploitation of this vulnerability may lead to unauthorized access to sensitive organizational data, which could result in data theft or exposure of critical information.
- Operational Disruption: Should the vulnerability be exploited, it could cause significant operational disruptions, affecting the availability of services and potentially leading to costly downtime and recovery efforts for affected organizations.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified this one as being exploited; it is known to CISA as enabling ransomware campaigns.
CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
FortiOS 7.2.0 <= 7.2.2
FortiOS 7.0.0 <= 7.0.8
FortiOS 6.4.0 <= 6.4.10
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.
EPSS Score
93% chance of being exploited in the next 30 days.
Timeline
- Vulnerability started trending
- Public PoC available
- Vulnerability published
- Used in Ransomware
- Exploit known to exist
- CISA Reported
- Vulnerability Reserved