all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

CVE-2022-42475: Unauthenticated Remote Code Execution Vulnerability in FortiOS; Exploitation Reported

Add to bookmarks
Dec. 12, 2022, 6:48 p.m. | Glenn Thorpe

Rapid7 Blog blog.rapid7.com

Today FortiGuard Labs published advisory FG-IR-22-398 regarding a “heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN. FortiGuard Labs has confirmed at least one instance of the vulnerability being exploited in the wild.

code code execution cve emergent threat response exploitation fortios remote code execution vulnerability

Visit resource

More from blog.rapid7.com / Rapid7 Blog

The Take Command Summit: A Stacked Agenda, and Killer Guest Speakers Coming Your Way May … 1 day ago | blog.rapid7.com
challenges coming command cybersecurity +14
The Business of Cybersecurity Ownership 2 days ago | blog.rapid7.com
accountability business can ciso +6
Velociraptor 0.7.2 Release: Digging Deeper than Ever with EWF Support, Dynamic DNS and More 2 days, 23 hours ago | blog.rapid7.com
discuss dns download dynamic +7
Metasploit Weekly Wrap-Up 04/26/24 6 days, 18 hours ago | blog.rapid7.com
addition application clusters community +20
USF College of Engineering Presents Rapid7 With 2024 Corporate Impact Award 1 week, 2 days ago | blog.rapid7.com
april award awards beyond +11
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise 1 week, 2 days ago | blog.rapid7.com
access account account access administrator +26
Take Command Summit: Take Breaches from Inevitable to Preventable on May 21 1 week, 4 days ago | blog.rapid7.com
attack aws breaches command +14
Metasploit Weekly Wrap-Up 04/19/24 1 week, 6 days ago | blog.rapid7.com
crushftp emergent threat response exploit framework +11
Enforce and Report on PCI DSS v4 Compliance with Rapid7 2 weeks, 2 days ago | blog.rapid7.com
adoption compliance council data +21

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs