Last updated: 2022-12-13 10:30 hrs
Fortinet has fixed a critical vulnerability in FortiOS SSL-VPN functionality (CVSSv3 score 9.3). Nomios recommends installing the security updates made available as soon as possible.
Fortinet has also shared Indicators-of-Compromise (IoCs) based on which organisations can check whether their systems have been attacked. We recommend checking your systems for the presence of these IoCs. For more information, please refer to Fortinet's advisory. Below, you'll find an overview of the affected versions.
The vulnerability has been given the attribute CVE-2022-42475. By exploiting the vulnerability, a malicious party can execute arbitrary code on the vulnerable system. In this way, the security of the corporate network is breached. Malicious parties do not need to be logged in to do this.
Fortinet is aware of one case in which this vulnerability has been abused. Nomios expects the vulnerability to be abused more often. Past experience shows that VPN interfaces are a favourite target for abuse by malicious parties. These types of systems are generally located at the edge of a corporate network. They are used to allow remote users to access internal applications via the internet. Vulnerabilities in VPN interfaces can therefore provide a starting point to penetrate a network, after which other systems may also be compromised. Depending on the situation, this could allow a malicious party to access sensitive information or launch a ransomware attack, for example.
Releases with this vulnerability:
- FortiOS version 7.2.0 through 7.2.2
- FortiOS version 7.0.0 through 7.0.8
- FortiOS version 6.4.0 through 6.4.10
- FortiOS version 6.2.0 through 6.2.11
- FortiOS-6K7K version 7.0.0 through 7.0.7
- FortiOS-6K7K version 6.4.0 through 6.4.9
- FortiOS-6K7K version 6.2.0 through 6.2.11
- FortiOS-6K7K version 6.0.0 through 6.0.14
Upgrade to a newer version:
- Please upgrade to FortiOS version 7.2.3 or above
- Please upgrade to FortiOS version 7.0.9 or above
- Please upgrade to FortiOS version 6.4.11 or above
- Please upgrade to FortiOS version 6.2.12 or above
- Please upgrade to FortiOS-6K7K version 7.0.8 or above
- Please upgrade to FortiOS-6K7K version 6.4.10 or above
- Please upgrade to FortiOS-6K7K version 6.2.12 or above
- Please upgrade to FortiOS-6K7K version 6.0.15 or above