Rewterz Threat Alert – AsyncRAT – Active IOCs
December 8, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOCs
December 8, 2022Rewterz Threat Alert – AsyncRAT – Active IOCs
December 8, 2022Rewterz Threat Alert – Phobos Ransomware – Active IOCs
December 8, 2022Severity
High
Analysis Summary
CVE-2022-35843
FortiOS and FortiProxy could allow a remote attacker to bypass security restrictions, caused by an authentication bypass by assumed-immutable data flaw in the SSH login component. By sending a specially-crafted Access-Challenge response from the Radius server, an attacker could exploit this vulnerability to login into the device.
Impact
Security Bypass
Indicators Of Compromise
CVE
- CVE-2022-35843
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiOS 6.0.0
- Fortinet FortiOS 6.2.0
- Fortinet FortiOS 6.4.0
- Fortinet FortiProxy 2.0.0
- Fortinet FortiOS 7.0.0
- Fortinet FortiProxy 7.0.0
- Fortinet FortiProxy 1.2.0
- Fortinet FortiOS 7.2.0
- Fortinet FortiOS 6.4.9
- Fortinet FortiProxy 7.0.6
- Fortinet FortiOS 7.2.1
- Fortinet FortiOS 7.0.7
- Fortinet FortiProxy 2.0.10
Remediation
Refer to Fortinet Security Advisory for patch, upgrade or suggested workaround information.