Outbreak Detection Service

Name Status Update
FortiOS SSL-VPN Buffer Overflow
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests. Use the Outbreak Detection feature on your FortiAnalyzer to automatically detect indicators of compromise related to the FortiOS SSL-VPN Buffer Overflow. Fortinet recommends taking immediate action to mitigate this vulnerability (by disabling SSL VPN) before upgrading to the latest release, as documented in the advisory. For more information, see PSIRT Advisory FG-IR-22-398 and the knowledge base article mentioned in it.