Security News > 2022 > December > Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)

Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
2022-12-13 10:34

A critical RCE vulnerability in Fortinet's operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group.

FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, and 6.2.0 through 6.2.11.

FortiOS-6K7K version 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2.0 through 6.2.11, and 6.0.0 through 6.0.14.

FortiOS vulnerabilities are often exploited by attackers.

FortiOS version 7.2.3 or above, 7.0.9 or above, 6.4.11 or above, and 6.2.12 or above.

FortiOS-6K7K version 7.0.8 or above, 6.4.10 or above, 6.2.12 or above, and 6.0.15 or above.


News URL

https://www.helpnetsecurity.com/2022/12/13/cve-2022-42475/