CVE-2023-42785: 
FortiOS vulnerability analysis and mitigation

A null pointer dereference vulnerability (CVE-2023-42785) was identified in FortiOS SSL-VPN component. The vulnerability affects multiple versions of FortiOS including versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all versions, 6.4 all versions, 6.2 all versions, and 6.0 all versions. The vulnerability was discovered by security researcher Qian Chen from Codesafe Team of Legendsec at QI-ANXIN Group and was initially published on January 14, 2025 (Fortiguard PSIRT).

The vulnerability is classified as a null pointer dereference [CWE-476] in the SSL-VPN component of FortiOS. It has been assigned a CVSSv3 score of 6.4, indicating a medium severity level. The vulnerability allows a remote attacker with low privileges to trigger the vulnerability through a crafted HTTP request (Fortiguard PSIRT).

When successfully exploited, this vulnerability can lead to a denial of service condition by causing the VPN service to crash. This could potentially disrupt SSL-VPN services for legitimate users of affected FortiOS systems (Fortiguard PSIRT).

Fortinet has released patches to address this vulnerability. Users of FortiOS 7.4.0-7.4.1 should upgrade to version 7.4.2 or above, while users of FortiOS 7.2.0-7.2.5 should upgrade to version 7.2.6 or above. Users of FortiOS versions 7.0, 6.4, 6.2, and 6.0 should migrate to a fixed release. Additionally, FortiSASE version 23.4 has been remediated in Q4/23. Fortinet provides an upgrade tool to help users follow the recommended upgrade path (Fortiguard PSIRT).