A critical RCE vulnerability (CVE-2022-42475) in Fortinet’s operating system, FortiOS, is being exploited by attackers, reportedly by a ransomware group. “Fortinet is aware of an instance where this vulnerability was exploited in the wild,” the company said in an advisory published on Monday, but offered no specific details about the attack. About CVE-2022-42475 CVE-2022-42475 is a heap-based buffer overflow vulnerability in FortiOS, and “may allow a remote unauthenticated attacker to execute arbitrary code or commands … More
The post Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475) appeared first on Help Net Security.