Access to NULL pointer in SSL VPN portal Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-086 Final 1 1 2022-10-10T00:00:00 Current version 2022-10-10T00:00:00 2022-10-10T00:00:00 An access of uninitialized pointer vulnerability [CWE-824] in the SSL VPN portal of FortiOS & FortiProxy may allow a remote unauthenticated or authenticated (see Affected Products section) attacker to crash the sslvpn daemon via an HTTP GET request. None Denial of service No need to be authenticated to provoke a crash:FortiOS version 6.4.4 through 6.4.9FortiOS version 7.0.0 through 7.0.5FortiOS version 7.2.0FortiProxy version 7.0.0 through 7.0.4Need to be authenticated to provoke a crash:FortiOS 6.0 all versionsFortiOS version 6.2.0 through 6.2.10FortiOS version 6.4.0 through 6.4.3FortiProxy version 1.2.6 through 1.2.13FortiProxy version 2.0.0 through 2.0.9 Upgrade FortiOS to version 7.2.2 and above,Upgrade FortiOS to version 7.0.7 and above,Upgrade FortiOS to version 6.4.10 and above,Upgrade FortiOS to version 6.2.11 and above.Upgrade FortiProxy to version 7.2.1 and above,Upgrade FortiProxy to version 7.0.7 and above,Upgrade FortiProxy to version 2.0.10 and above. Internally discovered in the frame of an internal audit. FortiOS 7.2.0 FortiOS 7.0.5 FortiOS 7.0.4 FortiOS 7.0.3 FortiOS 7.0.2 FortiOS 7.0.1 FortiOS 7.0.0 FortiOS 6.4.9 FortiOS 6.4.8 FortiOS 6.4.7 FortiOS 6.4.6 FortiOS 6.4.5 FortiOS 6.4.4 FortiOS 6.4.3 FortiOS 6.4.2 FortiOS 6.4.1 FortiOS 6.4.0 FortiOS 6.2.10 FortiOS 6.2.9 FortiOS 6.2.8 FortiOS 6.2.7 FortiOS 6.2.6 FortiOS 6.2.5 FortiOS 6.2.4 FortiOS 6.2.3 FortiOS 6.2.2 FortiOS 6.2.1 FortiOS 6.2.0 FortiOS 6.0.18 FortiOS 6.0.17 FortiOS 6.0.16 FortiOS 6.0.15 FortiOS 6.0.14 FortiOS 6.0.13 FortiOS 6.0.12 FortiOS 6.0.11 FortiOS 6.0.10 FortiOS 6.0.9 FortiOS 6.0.8 FortiOS 6.0.7 FortiOS 6.0.6 FortiOS 6.0.5 FortiOS 6.0.4 FortiOS 6.0.3 FortiOS 6.0.2 FortiOS 6.0.1 FortiOS 6.0.0 FortiProxy 7.0.4 FortiProxy 7.0.3 FortiProxy 7.0.2 FortiProxy 7.0.1 FortiProxy 7.0.0 FortiProxy 2.0.9 FortiProxy 2.0.8 FortiProxy 2.0.7 FortiProxy 2.0.6 FortiProxy 2.0.5 FortiProxy 2.0.4 FortiProxy 2.0.3 FortiProxy 2.0.2 FortiProxy 2.0.1 FortiProxy 2.0.0 FortiProxy 1.2.13 FortiProxy 1.2.12 FortiProxy 1.2.11 FortiProxy 1.2.10 FortiProxy 1.2.9 FortiProxy 1.2.8 FortiProxy 1.2.7 FortiProxy 1.2.6 CVE-2022-29055 FortiOS-7.2.0 FortiOS-7.0.5 FortiOS-7.0.4 FortiOS-7.0.3 FortiOS-7.0.2 FortiOS-7.0.1 FortiOS-7.0.0 FortiOS-6.4.9 FortiOS-6.4.8 FortiOS-6.4.7 FortiOS-6.4.6 FortiOS-6.4.5 FortiOS-6.4.4 FortiOS-6.4.3 FortiOS-6.4.2 FortiOS-6.4.1 FortiOS-6.4.0 FortiOS-6.2.10 FortiOS-6.2.9 FortiOS-6.2.8 FortiOS-6.2.7 FortiOS-6.2.6 FortiOS-6.2.5 FortiOS-6.2.4 FortiOS-6.2.3 FortiOS-6.2.2 FortiOS-6.2.1 FortiOS-6.2.0 FortiOS-6.0.18 FortiOS-6.0.17 FortiOS-6.0.16 FortiOS-6.0.15 FortiOS-6.0.14 FortiOS-6.0.13 FortiOS-6.0.12 FortiOS-6.0.11 FortiOS-6.0.10 FortiOS-6.0.9 FortiOS-6.0.8 FortiOS-6.0.7 FortiOS-6.0.6 FortiOS-6.0.5 FortiOS-6.0.4 FortiOS-6.0.3 FortiOS-6.0.2 FortiOS-6.0.1 FortiOS-6.0.0 FortiProxy-7.0.4 FortiProxy-7.0.3 FortiProxy-7.0.2 FortiProxy-7.0.1 FortiProxy-7.0.0 FortiProxy-2.0.9 FortiProxy-2.0.8 FortiProxy-2.0.7 FortiProxy-2.0.6 FortiProxy-2.0.5 FortiProxy-2.0.4 FortiProxy-2.0.3 FortiProxy-2.0.2 FortiProxy-2.0.1 FortiProxy-2.0.0 FortiProxy-1.2.13 FortiProxy-1.2.12 FortiProxy-1.2.11 FortiProxy-1.2.10 FortiProxy-1.2.9 FortiProxy-1.2.8 FortiProxy-1.2.7 FortiProxy-1.2.6 7.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:F/RL:U/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-22-086 Access to NULL pointer in SSL VPN portal Reference>