← ExploitWatch
HomeExploited Vulnerabilities

CVE-2022-42475 — Actively Exploited: FortiOS (Fortinet)

Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.

CVE IDCVE-2022-42475
VendorFortinet
ProductFortiOS
Vulnerability nameFortinet FortiOS Heap-Based Buffer Overflow Vulnerability
Date added2022-12-13
Remediation due2023-01-03
Known ransomware useKnown
Required actionApply updates per vendor instructions.
DescriptionMultiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →