Main Vulnerability Database SB2022090655

SB2022090655 - TCP middlebox reflection attack in FortiOS

Published: September 6, 2022

Security Bulletin ID SB2022090655

Severity

Medium

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Denial of service

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Improper Verification of Source of a Communication Channel (CVE-ID: CVE-2022-27491)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to improper verification of the communication channel source when handling TCP connections. A remote attacker can force the device to send "blocked page" HTML data to an arbitrary victim via specially crafted TCP requests and perform TCP Middlebox Reflection attack.

Successful exploitation of the vulnerability requires that at least one firewall policy has inspection mode set to flow-based (default) and at least one Security Profile is enabled (e.g. Web Filter, AntiVirus, IPS, DLP, Application Control, SSL, File filter).

Remediation

Install update from vendor's website.

References

https://fortiguard.fortinet.com/psirt/FG-IR-22-073