← back
CVE-2022-43953

CVE-2022-43953

CVSS 6.3 MEDIUMEPSS 0.2%CWE-134
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.3EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
13 Jun 2023Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
A use of externally-controlled format string in Fortinet FortiOS version 7.2.0 through 7.2.4, FortiOS all versions 7.0, FortiOS all versions 6.4, FortiOS all versions 6.2, FortiProxy version 7.2.0 through 7.2.1, FortiProxy version 7.0.0 through 7.0.7 allows attacker to execute unauthorized code or commands via specially crafted commands.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:U/RC:C
Affected products
Fortinet · FortiOSFortinet · FortiProxy

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/psirt/FG-IR-22-463