1. Summary

Vulnerability Name: Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability (CVE-2022-42475)
Release Date: December 14, 2022
Component Name: FortiOS SSL-VPN
Affected Versions: See section 3. Affected Versions
Vulnerability Type: Buffer Overflow Vulnerability
Severity: CVSS v3 Base Score: 9.8 (Critical)
Exploitability:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
Impact:
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High

2. About CVE-2022-42475

2.1 Introduction

FortiOS is the operating system that runs on Fortinet FortiGate next-generation firewalls (NGFW).

2.2 Summary

A heap-based buffer overflow vulnerability in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

CVE-2022-42475 was added to CISA’s Known Exploited Vulnerabilities Catalog on December 13, 2022, and Fortinet is aware of an instance where this vulnerability was exploited in the wild. A follow-up report released by Fortinet on January 11, 2023, revealed that attackers were leveraging CVE-2022-42475 exploits to deploy malware masquerading as a trojanized version of the IPS Engine. The report notes that “the complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets.”

3. Affected Versions

  • FortiOS version 7.2.0 through 7.2.2
  • FortiOS version 7.0.0 through 7.0.8
  • FortiOS version 6.4.0 through 6.4.10
  • FortiOS version 6.2.0 through 6.2.11
  • FortiOS version 6.0.0 through 6.0.15
  • FortiOS version 5.6.0 through 5.6.14
  • FortiOS version 5.4.0 through 5.4.13
  • FortiOS version 5.2.0 through 5.2.15
  • FortiOS version 5.0.0 through 5.0.14
  • FortiOS-6K7K version 7.0.0 through 7.0.7
  • FortiOS-6K7K version 6.4.0 through 6.4.9
  • FortiOS-6K7K version 6.2.0 through 6.2.11
  • FortiOS-6K7K version 6.0.0 through 6.0.14
  • FortiProxy version 7.2.0 through 7.2.1
  • FortiProxy version 7.0.0 through 7.0.7
  • FortiProxy version 2.0.0 through 2.0.11
  • FortiProxy version 1.2.0 through 1.2.13
  • FortiProxy version 1.1.0 through 1.1.6
  • FortiProxy version 1.0.0 through 1.0.7

4. Indicators of Compromise

IPv4:
  • 66.42.91.32
  • 45.86.231.71
  • 45.86.229.220
  • 194.62.42.105
  • 192.36.119.61
  • 188.34.130.40
  • 185.174.136.20
  • 172.247.168.153
  • 158.247.221.101
  • 156.251.163.19
  • 156.251.162.76
  • 155.138.224.122
  • 139.99.37.119
  • 139.99.35.116
  • 139.180.184.197
  • 137.175.30.138
  • 107.148.27.117
  • 103.131.189.143
  • 139.180.128.142

FileHash-SHA256:
  • 61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4
  • 23f2536aec6a4977a504312ff5863468ba2900fece735acd775d0ae455b4cd4d

FileHash-SHA1:
  • 1e64e4e44c8b89425a2008a947736a427e6222a5
  • 08760cb1d322269dbe62d9a642697ac71306fbe3

FileHash-MD5:
  • f68c3f72270800ea675889e82bb02fb8
  • e5d989b651b3eb351e10e408d5a062b3
  • e3f640d8785c0c864739529889b1863a
  • bf2b95ac267823f6588b2436bc537b26
  • bdc2d2f5d5246f8956711bcce9f456b6
  • 856341349dd954d82b112ba9165c4563
  • 54bbea35b095ddfe9740df97b693627b
  • 12e28c14bb7f7b9513a02e5857592ad7
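The indicators above are only useful once they are matched against what a defender actually has: firewall and VPN logs for the IP addresses, and file digests for the hashes. The script below is an added example, not part of the original advisory; the indicator sets are copied from this section, while the log lines in SAMPLE_LOG (loosely modelled on key=value firewall log records) and the file bytes passed to digest_bytes() are constructed samples that do not correspond to any real event or file.

```python
"""Match the section-4 indicators against log lines and file digests.
Added example, not part of the original advisory. Indicator values are copied
from section 4; SAMPLE_LOG and the bytes hashed below are constructed."""
import hashlib
import re

IOC_IPV4 = set("""
66.42.91.32 45.86.231.71 45.86.229.220 194.62.42.105 192.36.119.61 188.34.130.40
185.174.136.20 172.247.168.153 158.247.221.101 156.251.163.19 156.251.162.76
155.138.224.122 139.99.37.119 139.99.35.116 139.180.184.197 137.175.30.138
107.148.27.117 103.131.189.143 139.180.128.142
""".split())

# SHA256, SHA1 and MD5 digests from section 4, all lower-case hex
IOC_HASHES = set("""
61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4
23f2536aec6a4977a504312ff5863468ba2900fece735acd775d0ae455b4cd4d
1e64e4e44c8b89425a2008a947736a427e6222a5
08760cb1d322269dbe62d9a642697ac71306fbe3
f68c3f72270800ea675889e82bb02fb8 e5d989b651b3eb351e10e408d5a062b3
e3f640d8785c0c864739529889b1863a bf2b95ac267823f6588b2436bc537b26
bdc2d2f5d5246f8956711bcce9f456b6 856341349dd954d82b112ba9165c4563
54bbea35b095ddfe9740df97b693627b 12e28c14bb7f7b9513a02e5857592ad7
""".split())

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
# Longest digest first; \b stops a 40- or 32-char pattern matching inside a SHA256
HASH_RE = re.compile(r"\b[0-9a-fA-F]{64}\b|\b[0-9a-fA-F]{40}\b|\b[0-9a-fA-F]{32}\b")


def kind_of(token):
    """Classify a matched token by its length (hex digests) or as an IPv4 address."""
    return {32: "md5", 40: "sha1", 64: "sha256"}.get(len(token), "ipv4")


def extract_indicators(line):
    """All IPv4 addresses and hex digests found in one line, digests lower-cased."""
    return set(IPV4_RE.findall(line)) | {h.lower() for h in HASH_RE.findall(line)}


def scan_lines(lines):
    """Return one hit per (line, indicator) where the indicator is in section 4."""
    hits = []
    for n, line in enumerate(lines, 1):
        for tok in sorted(extract_indicators(line)):
            if tok in IOC_IPV4 or tok in IOC_HASHES:
                hits.append({"line": n, "kind": kind_of(tok), "indicator": tok})
    return hits


def digest_bytes(data):
    """MD5, SHA1 and SHA256 of a file's bytes, so any of the three lists can match."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ("md5", "sha1", "sha256")}


def match_digests(digests):
    """Subset of digest_bytes() output that appears in the section-4 hash lists."""
    return {alg: h for alg, h in digests.items() if h in IOC_HASHES}


# Constructed sample records (not real telemetry); the path is a placeholder
SAMPLE_LOG = """\
date=2022-12-13 time=10:02:11 devname="fw01" type="event" subtype="vpn" action="ssl-login-fail" remip=66.42.91.32
date=2022-12-13 time=10:02:13 devname="fw01" type="traffic" srcip=10.20.30.40 dstip=93.184.216.34 action="accept"
date=2022-12-13 time=10:05:47 devname="fw01" type="traffic" srcip=10.20.30.40 dstip=188.34.130.40 dstport=443 action="accept"
edr: host=fw01 path=/tmp/placeholder.bin sha256=61aae0e18c41ec4f610676680d26f6c6e1d4d5aa4e5092e40915fe806b679cd4
"""

if __name__ == "__main__":
    for hit in scan_lines(SAMPLE_LOG.splitlines()):
        print(f"line {hit['line']}: {hit['kind']} indicator {hit['indicator']}")
    print(match_digests(digest_bytes(b"constructed sample bytes, not a real file")))
```

On the constructed sample the scan reports the inbound SSL-VPN login attempt from 66.42.91.32, the outbound connection to 188.34.130.40 and the SHA256 hit, and nothing for the internal 10.20.30.40 address or the unrelated destination. A hit on an inbound address is the higher-priority signal here, since the vulnerable component is the SSL-VPN listener; an outbound hit suggests post-exploitation traffic and is worth treating as a possible sign the device is already compromised.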

5. Solutions

5.1 Fortinet Solution

5.1.1 Patch Installation

Users are advised to upgrade affected products to the latest version, which fixes the vulnerability.

  • Upgrade to FortiOS version 7.2.3 or above
  • Upgrade to FortiOS version 7.0.9 or above
  • Upgrade to FortiOS version 6.4.11 or above
  • Upgrade to FortiOS version 6.2.12 or above
  • Upgrade to FortiOS version 6.0.16 or above
  • Upgrade to upcoming FortiOS-6K7K version 7.0.8 or above
  • Upgrade to FortiOS-6K7K version 6.4.10 or above
  • Upgrade to FortiOS-6K7K version 6.2.12 or above
  • Upgrade to FortiOS-6K7K version 6.0.15 or above
  • Upgrade to FortiProxy version 7.2.2 or above
  • Upgrade to FortiProxy version 7.0.8 or above
  • Upgrade to upcoming FortiProxy version 2.0.12 or above
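With nineteen affected ranges across three product lines, checking a fleet by hand is error-prone, and the upgrade list does not cover every affected branch (FortiOS 5.x and FortiProxy 1.x have no fixed release listed above). The script below is an added example, not part of the original advisory or Fortinet's tooling: it transcribes the ranges from section 3 and the fixed releases from section 5.1.1 and reports, for a given product and version string, whether it is affected and what to do. It assumes versions in major.minor.patch form, optionally prefixed with "v" or followed by a ",build..." suffix, as in "v7.0.8,build0418".

```python
"""Check a FortiOS / FortiOS-6K7K / FortiProxy version against the ranges in
section 3 and the fixed releases in section 5.1.1.
Added example, not part of the original advisory. Tables are transcribed from
the advisory; the version-string format (major.minor.patch) is assumed."""

# Per product: (first affected, last affected, first fixed release or None
# when the advisory lists no fixed release for that branch)
AFFECTED = {
    "FortiOS": [
        ((7, 2, 0), (7, 2, 2), (7, 2, 3)),
        ((7, 0, 0), (7, 0, 8), (7, 0, 9)),
        ((6, 4, 0), (6, 4, 10), (6, 4, 11)),
        ((6, 2, 0), (6, 2, 11), (6, 2, 12)),
        ((6, 0, 0), (6, 0, 15), (6, 0, 16)),
        ((5, 6, 0), (5, 6, 14), None),
        ((5, 4, 0), (5, 4, 13), None),
        ((5, 2, 0), (5, 2, 15), None),
        ((5, 0, 0), (5, 0, 14), None),
    ],
    "FortiOS-6K7K": [
        ((7, 0, 0), (7, 0, 7), (7, 0, 8)),
        ((6, 4, 0), (6, 4, 9), (6, 4, 10)),
        ((6, 2, 0), (6, 2, 11), (6, 2, 12)),
        ((6, 0, 0), (6, 0, 14), (6, 0, 15)),
    ],
    "FortiProxy": [
        ((7, 2, 0), (7, 2, 1), (7, 2, 2)),
        ((7, 0, 0), (7, 0, 7), (7, 0, 8)),
        ((2, 0, 0), (2, 0, 11), (2, 0, 12)),
        ((1, 2, 0), (1, 2, 13), None),
        ((1, 1, 0), (1, 1, 6), None),
        ((1, 0, 0), (1, 0, 7), None),
    ],
}

WORKAROUND = "no fixed release listed in this advisory; apply the workaround (disable SSL-VPN)"


def parse_version(text):
    """'v7.0.8,build0418' or '7.0.8' -> (7, 0, 8). Assumed format, see docstring."""
    core = text.strip().split(",")[0].split()[0].lstrip("v")
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"expected major.minor.patch, got {text!r}")
    return tuple(int(p) for p in parts)


def fmt(version):
    return ".".join(str(n) for n in version)


def assess(product, version_text):
    """Return (affected, advice) for one product/version pair.

    Tuple comparison gives the right ordering for major.minor.patch, so a
    range check is a simple first <= v <= last."""
    v = parse_version(version_text)
    for first, last, fixed in AFFECTED[product]:
        if first <= v <= last:
            if fixed is None:
                return True, WORKAROUND
            return True, f"upgrade to {product} {fmt(fixed)} or above"
    return False, "not in an affected range listed in this advisory"


if __name__ == "__main__":
    # Constructed inventory, not real devices
    for product, ver in [("FortiOS", "v7.0.8,build0418"), ("FortiOS", "7.0.9"),
                         ("FortiOS", "5.6.3"), ("FortiProxy", "2.0.11")]:
        affected, advice = assess(product, ver)
        print(f"{product} {ver}: {'AFFECTED' if affected else 'ok'} - {advice}")
```

A version that is not in any listed range is reported as "not in an affected range listed in this advisory" rather than "safe": the check is only as good as the tables transcribed from the advisory, so re-check against the vendor's PSIRT page in section 7 if a version sits just outside a boundary.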

5.1.2 Workaround

Disable SSL-VPN

6. Timeline

On December 12, 2022, Sangfor FarSight Labs received a notice about the Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability (CVE-2022-42475).

On December 14, 2022, Sangfor FarSight Labs released a vulnerability alert.

7. Reference

https://www.fortiguard.com/psirt/FG-IR-22-398

https://nvd.nist.gov/vuln/detail/CVE-2022-42475

https://www.fortinet.com/blog/psirt-blogs/analysis-of-fg-ir-22-398-fortios-heap-based-buffer-overflow-in-sslvpnd

8. Learn More

Sangfor FarSight Labs researches the latest cyberthreats and unknown zero-day vulnerabilities, alerting customers to potential dangers to their organizations, and providing real-time solutions with actionable intelligence. Sangfor FarSight Labs works with other security vendors and the security community at large to identify and verify global cyberthreats, providing fast and easy protection for customers.
