A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2022-42475 | Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability | secondary_impact | T1071.001 | Web Protocols |
Comments
CVE-2022-42475 is a remotely-expoitable heap overflow vulnerability. Adversaries have been observed exploiting this vulnerability to deliver malicious software to the target device.
This malicious software has observed anti-debugging and command and control capabilities (over HTTP).
References
|
CVE-2022-42475 | Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability | secondary_impact | T1622 | Debugger Evasion |
Comments
CVE-2022-42475 is a remotely-expoitable heap overflow vulnerability. Adversaries have been observed exploiting this vulnerability to deliver malicious software to the target device.
This malicious software has observed anti-debugging and command and control capabilities (over HTTP).
References
|
CVE-2022-42475 | Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability | primary_impact | T1574 | Hijack Execution Flow |
Comments
CVE-2022-42475 is a remotely-expoitable heap overflow vulnerability. Adversaries have been observed exploiting this vulnerability to deliver malicious software to the target device.
This malicious software has observed anti-debugging and command and control capabilities (over HTTP).
References
|
CVE-2022-42475 | Fortinet FortiOS Heap-Based Buffer Overflow Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2022-42475 is a remotely-expoitable heap overflow vulnerability. Adversaries have been observed exploiting this vulnerability to deliver malicious software to the target device.
This malicious software has observed anti-debugging and command and control capabilities (over HTTP).
References
|