CVE-2022-42475
ENISA EUVD: EUVD-2022-45545
Exploited in the Wild
✓ Confirmed 0-Day
★ Google Project Zero
Triaged: March 3, 2026
18 articles
Published: 2023-01-02
EPSS Score
Source: FIRST.org · 2026-05-23
This CVE has a 93.92% probability of being exploited in the next 30 days.
Top 99.9th percentile of all CVEs
CVSS v3.1
Source: VulnerabilityLookup (CIRCL)
9.3 CRITICAL
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High
Temporal
Exploit Code Maturity: Proof-of-Concept
Remediation Level: Unavailable
Report Confidence: Confirmed
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
Description
Source: VulnerabilityLookup (CNA)
A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN 7.2.0 through 7.2.2, 7.0.0 through 7.0.8, 6.4.0 through 6.4.10, 6.2.0 through 6.2.11, 6.0.15 and earlier and FortiProxy SSL-VPN 7.2.0 through 7.2.1, 7.0.7 and earlier may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.
Affected Products
Fortinet FortiProxy: 7.2.0, 7.0.0, 2.0.0, 1.2.0, 1.1.0, 1.0.0
Fortinet FortiOS: 7.2.0, 7.0.0, 6.4.0, 6.2.0, 6.0.0, 5.6.0
Attack Intelligence
CWE-118 · Incorrect Access of Indexable Resource ('Range Error')
CWE-119 · Buffer Overflow
CWE-197 · Numeric Truncation Error
CWE-664 · Improper Control of a Resource Through its Lifetime
CWE-681 · Incorrect Conversion between Numeric Types
CWE-704 · Incorrect Type Conversion
CWE-787 · Out-of-bounds Write
Google Project Zero
Patched: Dec. 12, 2022
Reported by: ???
Root Cause Analysis: ???
Exploits & PoC
scrt/cve-2022-42475 · POC code to exploit the Heap overflow in Fortinet's SSLVPN daemon · ⭐ 108 · 2023-03-14
0xhaggis/CVE-2022-42475 · An exploit for CVE-2022-42475, a pre-authentication heap overflow in Fortinet networking products · ⭐ 34 · 2023-06-21
P4x1s/CVE-2022-42475-RCE-POC · CVE-2022-42475 Fortinet RCE vulnerability POC · ⭐ 8 · 2023-03-23
Amir-hy/cve-2022-42475 · FortiOS buffer overflow vulnerability · ⭐ 7 · 2023-03-16
bryanster/ioc-cve-2022-42475 · test for the ioc described for FG-IR-22-398 · ⭐ 1 · 2023-05-14
⭐ 1 · 2023-03-22
⭐ 0 · 2023-04-27
⭐ 0 · 2026-02-27
8 repos, sorted by ⭐
Signal Intelligence
Confidence: 92%
EPSS: 93.92%
CVSS v3.1: 9.3
Mentions: 18
Last Seen: Apr 06, 2026
CNA Information
CNA Assigner: fortinet
Analyst Note
CVE-2022-42475 is a critical heap-based buffer overflow (CVSS 9.3) with remote code execution capability, affecting multiple versions of FortiOS and FortiProxy SSL-VPN. It is validated by inclusion in Google Project Zero's tracking and corroborated by an official CERT-EU security advisory. The vulnerability is reachable by unauthenticated attackers on widely deployed enterprise security appliances, which provides strong evidence for confirmed status.
Threat Actors 72
MuddyWater · apt_group · Information theft and espionage · 🇮🇷 IR
Lazarus Group · apt_group · Information theft and espionage · 🇰🇵 KP
APT 41 · apt_group · Information theft and espionage · 🇨🇳 CN
Turla Group · apt_group · Information theft and espionage · Russian Federation
APT 29 · apt_group · Information theft and espionage · 🇷🇺 RU
DarkHotel · apt_group · Information theft and espionage · 🇰🇷 KR
Cobalt · apt_group · Financial crime · 🇷🇺 RU
APT37 · apt_group · Information theft and espionage · 🇰🇵 KP
FIN7 · apt_group · Financial crime · 🇷🇺 RU
APT32 · apt_group · Information theft and espionage · 🇻🇳 VN
CHRYSENE · apt_group · Information theft and espionage · 🇮🇷 IR
Harvester · apt_group · Information theft and espionage · Unknown
Careto · apt_group · Information theft and espionage · 🇪🇸 ES
Leviathan · apt_group · Information theft and espionage · 🇨🇳 CN
BelialDemon · apt_group · 🇷🇺 RU
Hacking Team · apt_group · 🇮🇹 IT
Energetic Bear · apt_group · Information theft and espionage · 🇷🇺 RU
Nitro · apt_group · Information theft and espionage · 🇨🇳 CN
MAGNALLIUM · apt_group · Sabotage and destruction · 🇮🇷 IR
Ice Fog · apt_group · Information theft and espionage · 🇨🇳 CN
DNSpionage · apt_group · Information theft and espionage · 🇮🇷 IR
Kinsing · apt_group · 🇷🇺 RU
HAZY TIGER · apt_group · Information theft and espionage · 🇮🇳 IN
Infy · apt_group · Information theft and espionage · 🇮🇷 IR
Naikon · apt_group · Information theft and espionage · 🇨🇳 CN
Volt Typhoon · apt_group · Information theft and espionage · 🇨🇳 CN
Wekby · apt_group · Information theft and espionage · 🇨🇳 CN
Group 27 · apt_group · Information theft and espionage · 🇨🇳 CN
Evilnum · apt_group · Information theft and espionage
TeamTNT · apt_group · 🇩🇪 DE
ProjectSauron · apt_group · Information theft and espionage · 🇺🇸 US
ArcaneDoor · apt_group · 🇨🇳 CN
Predatory Sparrow · apt_group · Sabotage and destruction · 🇮🇱 IL
PROMETHIUM · apt_group · Information theft and espionage · 🇹🇷 TR
Silence group · apt_group · Financial crime · 🇷🇺 RU
Water Gamayun · apt_group · 🇷🇺 RU
APT24 · apt_group · Information theft and espionage · 🇨🇳 CN
Pirate Panda · apt_group · Information theft and espionage · 🇨🇳 CN
GhostNet · apt_group · Information theft and espionage · 🇨🇳 CN
RAZOR TIGER · apt_group · Information theft and espionage · 🇮🇳 IN
Putter Panda · apt_group · Information theft and espionage · 🇨🇳 CN
ShadowSyndicate · apt_group · 🇷🇺 RU
NetTraveler · apt_group · Information theft and espionage · 🇨🇳 CN
El Machete · apt_group · Information theft and espionage · 🇻🇪 VE
UNC3886 · apt_group · Information theft and espionage · 🇨🇳 CN
TeamXRat · apt_group · 🇧🇷 BR
IXESHE · apt_group · Information theft and espionage · 🇨🇳 CN
Anchor Panda · apt_group · Information theft and espionage · 🇨🇳 CN
GCMAN · apt_group · Financial crime · 🇷🇺 RU
PowerPool · apt_group · Information theft and espionage · 🇷🇺 RU
Blue Termite · apt_group · Information theft and espionage · 🇨🇳 CN
Blackgear · apt_group · Information theft and espionage · 🇨🇳 CN
GC01 · apt_group · Financial gain · 🇨🇦 CA
Rocke · apt_group · 🇨🇳 CN
RedAlpha · apt_group · Information theft and espionage · 🇨🇳 CN
Markopolo · apt_group · 🇷🇺 RU
Mora_001 · apt_group · 🇷🇺 RU
Red October · apt_group · 🇷🇺 RU
Scarab · apt_group · Information theft and espionage · 🇨🇳 CN
ZooPark · apt_group · Information theft and espionage · 🇮🇷 IR
The White Company · apt_group · Information theft and espionage · 🇨🇳 CN
Test Panda · apt_group · 🇨🇳 CN
Shadow Network · apt_group · Information theft and espionage · 🇨🇳 CN
Mana Team · apt_group · 🇨🇳 CN
Iron Group · apt_group · Information theft and espionage · 🇨🇳 CN
puNK-003 · apt_group · 🇰🇵 KP
Operation Shadow Force · apt_group · 🇨🇳 CN
Big Panda · apt_group · 🇨🇳 CN
APT 5 · apt_group · Information theft and espionage · 🇨🇳 CN
Beijing Group · apt_group · Information theft and espionage · 🇨🇳 CN
Electric Panda · apt_group · 🇨🇳 CN
Dark Partners · apt_group
Triage Info
Decided at: Mar 03, 2026
Published Date: Jan 02, 2023