Fortinet Products Denial of Service Vulnerability

Impact

• Denial of Service

System / Technologies affected

• FortiOS version 6.0.0 through 6.0.14
• FortiOS version 6.2.0 through 6.2.10
• FortiOS version 6.4.0 through 6.4.8
• FortiOS version 7.0.0 through 7.0.5
• FortiManager version 6.2.0 through 6.2.9
• FortiManager version 6.4.0 through 6.4.7
• FortiManager version 7.0.0 through 7.0.3
• FortiAnalyzer version 6.2.0 through 6.2.9
• FortiAnalyzer version 6.4.0 through 6.4.7
• FortiAnalyzer version 7.0.0 through 7.0.3
• FortiDeceptor version 3.0.0 through 3.0.2
• FortiDeceptor version 3.1.0 through 3.1.1
• FortiDeceptor version 3.2.0 through 3.2.2
• FortiDeceptor version 3.3.0 through 3.3.2
• FortiDeceptor version 4.0.0 through 4.0.1
• FortiDeceptor version 4.1.0
• FortiAuthenticator version 6.0.0 through 6.0.7
• FortiAuthenticator version 6.1.0 through 6.1.2
• FortiAuthenticator version 6.2.0 through 6.2.1
• FortiAuthenticator version 6.3.0 through 6.3.3
• FortiAuthenticator version 6.4.0 through 6.4.1
• FortiMail version 6.0.0 through 6.0.12
• FortiMail version 6.2.0 through 6.2.8
• FortiMail version 6.4.0 through 6.4.6
• FortiMail version 7.0.0 through 7.0.3
• FortiRecorder version 6.0.0 through 6.0.10
• FortiRecorder version 6.4.0 through 6.4.2
• FortiProxy version 7.0.0 through 7.0.3
• FortiSwitch version 6.0.0 through 6.0.7
• FortiSwitch version 6.2.0 through 6.2.7
• FortiSwitch version 6.4.0 through 6.4.10
• FortiSwitch version 7.0.0 through 7.0.4
• FortiWeb version 6.3.0 through 6.3.18
• FortiWeb version 6.4.0 through 6.4.2
• FortiWeb version 7.0.0

Solutions

Before installation of the software, please visit the vendor web-site for more details.

• Apply fixes issued by the vendor:
  https://fortiguard.fortinet.com/psirt/FG-IR-22-059

Vulnerability Identifier

• CVE-2022-0778

Source

• AusCERT
• Fortinet

Related Link

• https://www.auscert.org.au/bulletins/ESB-2022.1432
• https://fortiguard.fortinet.com/psirt/FG-IR-22-059