“Three days after its initial public disclosure, Fortinet patched CVE-2022-42475 and confirmed it has been exploited in the wild. The critical flaw is a buffer overflow vulnerability that could lead to remote code execution in several versions of ForiOS used in SSL VPNs and firewalls.
“Fortinet SSL VPNs have been a major target for years now — to the extent that the FBI and CISA issued a dedicated advisory to these flaws and their exploitation in 2021. Nation state actors are still known to exploit those legacy vulnerabilities in Fortinet SSL VPNs. Given that this new vulnerability has already been exploited, organisations should patch CVE-2022-42475 immediately before it joins the ranks of other legacy VPN flaws.” — Claire Tills, Senior Research Engineer, Tenable
