Threat Advisories:
Highlights of Our CISO Dinner
Upgrading struggling vulnerability management programs to Threat Exposure Management, with Host, CISO Al Lindseth formerly from Plains All American Pipeline and PWC - 6 minute podcast
0:00
0:00
👥 Play Count: Loading...

Active exploitation of the Fortinet pre-auth RCE vulnerability

Threat Level – Red | Vulnerability Report
Download PDF

Fortinet has addressed a critical security flaw in its FortiOS SSL-VPN product, which is being actively exploited in the wild. The heap-based buffer overflow bug in FortiOS sslvpnd is listed as CVE-2022-42475 and results from a boundary error in the sslvpnd daemon. When exploited maliciously, the issue might enable unauthenticated attackers to remotely crash devices and perhaps execute arbitrary code.

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox