Security News > 2022 > December > Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)
2022-12-13 10:34
A critical RCE vulnerability in Fortinet's operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group.
FortiOS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, and 6.2.0 through 6.2.11.
FortiOS-6K7K version 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2.0 through 6.2.11, and 6.0.0 through 6.0.14.
FortiOS vulnerabilities are often exploited by attackers.
FortiOS version 7.2.3 or above, 7.0.9 or above, 6.4.11 or above, and 6.2.12 or above.
FortiOS-6K7K version 7.0.8 or above, 6.4.10 or above, 6.2.12 or above, and 6.0.15 or above.
News URL
https://www.helpnetsecurity.com/2022/12/13/cve-2022-42475/
Related news
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Palo Alto Networks warns of potential PAN-OS RCE vulnerability (source)
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)