Active exploitation of the Fortinet pre-auth RCE vulnerability

Threat Level
Vulnerability Report

Summary

Fortinet has addressed a critical security flaw in its FortiOS SSL-VPN product that is being actively exploited in the wild. The flaw, tracked as CVE-2022-42475, is a heap-based buffer overflow caused by a boundary error in the FortiOS sslvpnd daemon. Successful exploitation might allow unauthenticated attackers to remotely crash devices and possibly execute arbitrary code.
