Alert Logic is actively researching a newly announced vulnerability in Fortinet FortiOS SSL-VPN. Using a heap-based buffer overflow vulnerability (CVE-2022-42475), an attacker can execute arbitrary code or commands via specially crafted requests. This vulnerability is being actively exploited in the wild, and customers are encouraged to upgrade their version immediately.
Who is affected?
Numerous versions of FortiOS and FortiOS-6K7K are affected, including:
- FortiOS version 7.2.0 through 7.2.2
- FortiOS version 7.0.0 through 7.0.8
- FortiOS version 6.4.0 through 6.4.10
- FortiOS version 6.2.0 through 6.2.11
- FortiOS version 6.0.0 through 6.0.15
- FortiOS version 5.6.0 through 5.6.14
- FortiOS version 5.4.0 through 5.4.13
- FortiOS version 5.2.0 through 5.2.15
- FortiOS version 5.0.0 through 5.0.14
- FortiOS-6K7K version 7.0.0 through 7.0.7
- FortiOS-6K7K version 6.4.0 through 6.4.9
- FortiOS-6K7K version 6.2.0 through 6.2.11
- FortiOS-6K7K version 6.0.0 through 6.0.14
More details about the nature of this vulnerability are available in Fortinet’s advisory.
What can I do?
Fortinet recommends upgrading FortiOS to a non-vulnerable version. Non-vulnerable versions include:
- FortiOS version 7.2.3 and above
- FortiOS version 7.0.9 and above
- FortiOS version 6.4.11 and above
- FortiOS version 6.2.12 and above
- FortiOS-6K7K version 6.4.10 and above
- FortiOS-6K7K version 6.0.15 and above
- FortiOS-6K7K version 7.0.8 and above (not yet released)
- FortiOS-6K7K version 6.2.12 and above (not yet released)
If you are unable to upgrade immediately, you can disable SSL-VPN as a workaround.
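The two version lists above can be applied to a device inventory with a short script. The following is an added example, not Alert Logic or Fortinet code: the host names and inventory entries are constructed, and it assumes "and above" in the non-vulnerable list applies within the same major.minor branch. Versions the page puts in neither list are reported as "not-listed" rather than assumed safe.

```python
import re

# Inclusive affected ranges, copied from the "Who is affected?" list.
AFFECTED = {
    "FortiOS": [("7.2.0", "7.2.2"), ("7.0.0", "7.0.8"), ("6.4.0", "6.4.10"),
                ("6.2.0", "6.2.11"), ("6.0.0", "6.0.15"), ("5.6.0", "5.6.14"),
                ("5.4.0", "5.4.13"), ("5.2.0", "5.2.15"), ("5.0.0", "5.0.14")],
    "FortiOS-6K7K": [("7.0.0", "7.0.7"), ("6.4.0", "6.4.9"),
                     ("6.2.0", "6.2.11"), ("6.0.0", "6.0.14")],
}
# First non-vulnerable release per branch, from the "What can I do?" list.
FIXED = {
    "FortiOS": ["7.2.3", "7.0.9", "6.4.11", "6.2.12"],
    "FortiOS-6K7K": ["6.4.10", "6.0.15", "7.0.8", "6.2.12"],
}

def parse(version):
    """Turn '6.4.10' or 'v6.4.10' into (6, 4, 10) so comparison is numeric;
    as plain strings '6.4.10' would wrongly sort before '6.4.9'."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", version.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {version!r}")
    return tuple(int(part) for part in m.groups())

def classify(product, version):
    """Return (status, upgrade_target) using only the ranges listed on this page."""
    v = parse(version)
    # Fixed release on the same major.minor branch, if the page lists one.
    fix = next((f for f in FIXED[product] if parse(f)[:2] == v[:2]), None)
    for low, high in AFFECTED[product]:
        if parse(low) <= v <= parse(high):
            return ("affected", fix)  # fix is None when no same-branch release is listed
    if fix and v >= parse(fix):
        return ("fixed", None)
    return ("not-listed", None)  # in neither list: verify against the vendor advisory

def triage(inventory):
    return {host: classify(product, version) for host, product, version in inventory}

INVENTORY = [  # constructed sample inventory (hypothetical host names)
    ("vpn-edge-01", "FortiOS", "7.0.8"),
    ("vpn-edge-02", "FortiOS", "6.4.10"),
    ("vpn-edge-03", "FortiOS", "6.4.11"),
    ("vpn-lab-01", "FortiOS", "5.6.5"),
    ("vpn-dc-01", "FortiOS-6K7K", "6.0.15"),
    ("vpn-dc-02", "FortiOS", "6.0.16"),
]

if __name__ == "__main__":
    for host, (status, target) in triage(INVENTORY).items():
        print(f"{host}: {status}" + (f", upgrade to {target} or later" if target else ""))
```

An "affected" result with no upgrade target means the page lists no fixed release on that branch, so the device needs a move to a listed branch or the SSL-VPN workaround.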
How is Alert Logic helping me?
Alert Logic is actively researching this threat to build detection capabilities. Alert Logic appliances and infrastructure are not affected by this vulnerability.
Log Management: Alert Logic has deployed initial telemetry analytics to aid in detection research.
Vulnerability Scanning: Alert Logic released scan coverage on December 14, 2022, by 14:00 CST to identify this vulnerability. An unauthenticated scan performed after this release will check for the version of Fortinet FortiOS. If a vulnerable version is found, an exposure will be raised for CVE-2022-42475.
Alert Logic has kicked off the Emerging Threat process for this vulnerability. This article will be updated with new information about this vulnerability and related Alert Logic coverage as it becomes available.
12/14/2022: Alert Logic released scan coverage on December 14, 2022, by 14:00 CST to identify this vulnerability.