CVE-2022-41328
Published: 07 March 2023
Summary
CVE-2022-41328 is a medium-severity Path Traversal (CWE-22) vulnerability in Fortinet FortiOS. Its CVSS base score is 6.7 (Medium).
Its EPSS score ranks at the 44.9th percentile for exploit likelihood (below the median); nonetheless, CISA has added it to the Known Exploited Vulnerabilities (KEV) catalog, so confirmed in-the-wild exploitation should weigh more than the score when prioritising.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
CVE-2022-41328 is a path traversal vulnerability (CWE-22) in Fortinet FortiOS versions 7.2.0 through 7.2.3, 7.0.0 through 7.0.9, and releases before 6.4.11. The flaw is in CLI command handling: pathnames supplied as CLI arguments are not confined to the intended directory, so a crafted argument can resolve to arbitrary locations on the underlying Linux filesystem.
A privileged attacker with administrative CLI access can therefore supply crafted commands to read or write arbitrary files. Successful exploitation allows modification of system configuration, access to sensitive data, and potentially privilege escalation on the affected FortiOS device. Note the precondition: the attacker must already hold administrative CLI access, so this is a post-authentication escape from the restricted CLI to the underlying OS (for example with stolen or otherwise obtained administrator credentials), not an unauthenticated entry point.
Fortinet advisory FG-IR-22-369 addresses the issue and recommends applying the fixed releases listed in the bulletin. The vulnerability also appears in CISA's Known Exploited Vulnerabilities catalog, indicating confirmed in-the-wild use.
EPSS for the CVE rose sharply from a low baseline to a peak of 0.3074 on 2023-03-15 shortly after public disclosure before receding to its current value of 0.0022, indicating a transient but notable surge in exploitation interest.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-44535
Vulnerability details
An improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands.
- CWE(s): CWE-22 (Improper Limitation of a Pathname to a Restricted Directory)
- KEV Date Added: 14 March 2023
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls (NIST 800-53 r5)
- SI-10 (Information Input Validation): Directly counters the path traversal by validating CLI-supplied pathnames before filesystem access occurs.
- AC-3 (Access Enforcement): Enforces file read/write restrictions so even crafted CLI commands cannot escape intended directories.
- SI-2 (Flaw Remediation): Requires prompt application of the vendor patch (Fortinet advisory FG-IR-22-369) that eliminates the pathname-handling flaw in the CLI.
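The following is an added illustration of the SI-10 control described above and of the directory-restriction bypass discussed under "Deeper analysis"; it is not Fortinet code and does not reproduce the FortiOS CLI. It contrasts a weak prefix check, of the kind that a traversal payload slips past, with a lexical confinement check. The allowed directory `/data/cli`, the function names and the sample inputs are all assumptions made for the example.

```python
import posixpath

# Assumed for this example: the only directory a CLI file command may touch.
ALLOWED_ROOT = "/data/cli"


def naive_path(user_path: str) -> str:
    """Weak check: a string-prefix test on the joined but un-normalised path.

    '/data/cli/../../etc/passwd' starts with ALLOWED_ROOT yet resolves
    outside it, which is exactly the class of bypass CWE-22 describes.
    """
    candidate = posixpath.join(ALLOWED_ROOT, user_path)
    if not candidate.startswith(ALLOWED_ROOT):
        raise ValueError("rejected by prefix check")
    return candidate


def confined_path(user_path: str) -> str:
    """Hardened check: reject hostile input forms, then normalise the joined
    path and require that the result is still inside ALLOWED_ROOT.

    This is a lexical check only (no filesystem access, so it runs offline).
    A real implementation must additionally resolve symlinks, e.g. with
    os.path.realpath() after this check or openat2(2) with RESOLVE_BENEATH.
    """
    if "\x00" in user_path:
        raise ValueError("NUL byte in pathname")
    if posixpath.isabs(user_path):
        raise ValueError("absolute pathname not allowed")
    candidate = posixpath.normpath(posixpath.join(ALLOWED_ROOT, user_path))
    # commonpath() compares path components, so a sibling such as
    # '/data/cli-other' is not mistaken for a child of '/data/cli'.
    if posixpath.commonpath([ALLOWED_ROOT, candidate]) != ALLOWED_ROOT:
        raise ValueError("pathname escapes allowed directory")
    return candidate


def rejected(check, user_path: str) -> bool:
    """Return True if `check` refuses `user_path`, False if it accepts it."""
    try:
        check(user_path)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed sample inputs: one benign name and four traversal attempts.
    samples = [
        "backup.conf",
        "sub/../backup.conf",
        "../../etc/passwd",
        "sub/../../escape.txt",
        "/etc/passwd",
        "a\x00b",
    ]
    for sample in samples:
        print(
            f"{sample!r:26} naive={'REJECT' if rejected(naive_path, sample) else 'accept'}"
            f"  confined={'REJECT' if rejected(confined_path, sample) else 'accept'}"
        )
```

Run it and the difference is visible at once: the prefix check accepts `../../etc/passwd` and `sub/../../escape.txt`, while the confinement check refuses both and still accepts the benign `backup.conf` (and its `sub/..` spelling, which normalises to the same file).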