
Fortinet zero-day – Quote by Claire Tills, Senior Research Engineer, Tenable

“Three days after its initial public disclosure, Fortinet patched CVE-2022-42475 and confirmed it has been exploited in the wild. The critical flaw is a buffer overflow vulnerability that could lead to remote code execution in several versions of FortiOS used in SSL VPNs and firewalls.

“Fortinet SSL VPNs have been a major target for years now — to the extent that the FBI and CISA issued a dedicated advisory to these flaws and their exploitation in 2021. Nation-state actors are still known to exploit those legacy vulnerabilities in Fortinet SSL VPNs. Given that this new vulnerability has already been exploited, organisations should patch CVE-2022-42475 immediately before it joins the ranks of other legacy VPN flaws.”

by Claire Tills, Senior Research Engineer, Tenable
