FortiOS SSL-VPN contains a heap-based buffer overflow allowing unauthenticated remote code execution, exploited as a zero-day from October 2022 by suspected Chinese state-sponsored actors targeting government networks.
NVD
CVSS 3.1
9.8
EPSS
94.0%
Threat
9.8