CVE-2022-26122
 
Severity Score
8.6
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
Track
*SSVC
Descriptions
An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines version 6.2.168 and below and version 6.4.274 and below may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.
Una verificación insuficiente de la vulnerabilidad de autenticidad de datos [CWE-345] en los motores FortiClient, FortiMail y FortiOS AV versión 6.2.168 e inferiores y la versión 6.4.274 e inferiores puede permitir a un atacante eludir el motor AV mediante la manipulación del archivo adjunto MIME con basura y pad. caracteres en base64.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:Track
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-02-25 CVE Reserved
- 2022-11-02 CVE Published
- 2024-05-25 EPSS Updated
- 2024-10-22 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-345: Insufficient Verification of Data Authenticity
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://fortiguard.com/psirt/FG-IR-22-074 | 2022-11-04 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 0.4.23 Search vendor "Fortinet" for product "Antivirus Engine" and version "0.4.23" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 2.0.49 Search vendor "Fortinet" for product "Antivirus Engine" and version "2.0.49" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 2.0.60 Search vendor "Fortinet" for product "Antivirus Engine" and version "2.0.60" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 4.4.54 Search vendor "Fortinet" for product "Antivirus Engine" and version "4.4.54" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.33 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.33" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.137 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.137" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.142 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.142" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.144 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.144" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.145 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.145" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.156 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.156" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.157 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.157" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.243 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.243" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.252 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.252" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Antivirus Engine Search vendor "Fortinet" for product "Antivirus Engine" | 6.253 Search vendor "Fortinet" for product "Antivirus Engine" and version "6.253" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 6.0.0 <= 6.0.12 Search vendor "Fortinet" for product "Fortimail" and version " >= 6.0.0 <= 6.0.12" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 6.2.0 <= 6.2.9 Search vendor "Fortinet" for product "Fortimail" and version " >= 6.2.0 <= 6.2.9" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 6.4.0 <= 6.4.6 Search vendor "Fortinet" for product "Fortimail" and version " >= 6.4.0 <= 6.4.6" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | >= 7.0.0 <= 7.0.2 Search vendor "Fortinet" for product "Fortimail" and version " >= 7.0.0 <= 7.0.2" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortimail Search vendor "Fortinet" for product "Fortimail" | 4.1.0 Search vendor "Fortinet" for product "Fortimail" and version "4.1.0" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.0.0 <= 6.0.15 Search vendor "Fortinet" for product "Fortios" and version " >= 6.0.0 <= 6.0.15" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.2.0 <= 6.2.11 Search vendor "Fortinet" for product "Fortios" and version " >= 6.2.0 <= 6.2.11" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 6.4.0 <= 6.4.10 Search vendor "Fortinet" for product "Fortios" and version " >= 6.4.0 <= 6.4.10" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | >= 7.0.0 <= 7.0.6 Search vendor "Fortinet" for product "Fortios" and version " >= 7.0.0 <= 7.0.6" | - |
Affected
| ||||||
Fortinet Search vendor "Fortinet" | Fortios Search vendor "Fortinet" for product "Fortios" | 7.2.0 Search vendor "Fortinet" for product "Fortios" and version "7.2.0" | - |
Affected
|