Threat Intelligence / CVE / CVE-2022-42475

CVE-2022-42475

CISA KEVRansomware

CVSS 9.8 (CRITICAL) · EPSS 94.0% · Published 2023-01-02

A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

CVSS v3 vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-197, CWE-787

Threats tracking this CVE

UNC3886 Zero-Day Rootkit Campaign Targeting Singaporean Telecommunications — ORB Network C2, Fortinet/VMware Exploitation, Covert Infrastructure Persistence — CRITICAL

References

https://fortiguard.com/psirt/FG-IR-22-398
https://fortiguard.com/psirt/FG-IR-22-398
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-42475

Full detection coverage & IOCs for threats exploiting CVE-2022-42475 are available via the Threadlinqs MCP server (Purple tier). View plans →

Markdown version · Threadlinqs Intelligence