Security News > 2022 > December > Fortinet says SSL-VPN pre-auth RCE bug is exploited in attacks
Fortinet urges customers to patch their appliances against an actively exploited FortiOS SSL-VPN vulnerability that could allow unauthenticated remote code execution on devices.
"A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests," warns Fortinet in a security advisory released today.
Fortinet quietly fixed the bug on November 28th when FortiOS 7.2.3 was released.
Today, Fortinet released security advisory FG-IR-22-398, warning that the vulnerability has been actively exploited in attacks and that all users should update to the following versions to fix the bug.
FortiOS version 7.2.3 or above FortiOS version 7.0.9 or above FortiOS version 6.4.11 or above FortiOS version 6.2.12 or above FortiOS-6K7K version 7.0.8 or above FortiOS-6K7K version 6.4.10 or above FortiOS-6K7K version 6.2.12 or above FortiOS-6K7K version 6.0.15 or above.
While Fortinet has not provided any information on how the flaw is being exploited, they shared IOCs related to attacks.
News URL
Related news
- Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks (source)
- Cisco warns of password-spraying attacks targeting VPN services (source)
- New Ivanti RCE flaw may impact 16,000 exposed VPN gateways (source)
- Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks (source)
- Cisco warns of large-scale brute-force attacks against VPN services (source)
- Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (source)
- Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (source)
- New Attack on VPNs (source)
- New attack leaks VPN traffic using rogue DHCP servers (source)
- New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation (source)