CVE-2022-42475

Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability

Multiple versions of Fortinet FortiOS SSL-VPN contain a heap-based buffer overflow vulnerability which can allow an unauthenticated, remote attacker to execute arbitrary code or commands via specifically crafted requests. Vendor/Product: Fortinet FortiOS. Added to CISA KEV 2022-12-13; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2022-42475