vulnerability

Fortinet FortiOS: Use of Externally-Controlled Format String (CVE-2022-43953)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Jun 13, 2023	Jun 19, 2023	Jan 28, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Jun 13, 2023

Added

Jun 19, 2023

Modified

Jan 28, 2025

Description

A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.

Solution

fortios-upgrade-latest

References

CVE-2022-43953
https://attackerkb.com/topics/CVE-2022-43953
URL-https://fortiguard.com/psirt/FG-IR-22-463

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today