IRONSMITHINTEL
Medium · CVSS 6.7 | Actively Exploited | CISA KEV | CVE-2022-41328 | Auth: high (administrative privileges) | Reboot: required | Manual only

Fortinet FortiOS < 7.2.4 (7.0.x < 7.0.10, 6.4.x < 6.4.12) — Path Traversal

Fortinet FortiOS contains a path traversal vulnerability that allows a local attacker who already holds administrative privileges to read and write files on the device's underlying Linux system via crafted CLI commands.

Published Mar 7, 2023 · Updated May 17, 2026
Why patch (risk explained in plain English)
Worst-case scenario if unpatched

A local attacker with administrative privileges can read and write arbitrary files on the underlying Linux system, so the worst case is full loss of data confidentiality, arbitrary modification of data, and complete denial of service or system unavailability. The "high privileges" prerequisite is limited comfort: the bug turns any compromised or rogue admin account into OS-level file write access on the firewall itself, below the FortiOS configuration layer. Federal agencies are required to remediate by 2023-04-04 under CISA BOD 22-01.

How the attack works (no clicks needed)

This is a path traversal vulnerability (CWE-22, improper limitation of a pathname to a restricted directory) in Fortinet FortiOS. In FortiOS 7.2.0 through 7.2.3, 7.0.0 through 7.0.9, and 6.4.0 through 6.4.11 (plus the older 6.0 and 6.2 branches), CLI commands that accept a file path do not confine that path to its intended directory, so a privileged attacker can supply a crafted path that escapes it and read or write files on the underlying Linux system. Exploitation requires local access to the CLI, low attack complexity and an administrative account, and needs no user interaction (CVSS 3.1 vector AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H, score 6.7).

Am I affected? (quick check)

Probably yes if any of these apply:

Running FortiOS 6.0.0 ≤ v ≤ 6.0.16
Running FortiOS 6.2.0 ≤ v < 6.2.14
Running FortiOS 6.4.0 ≤ v < 6.4.12
Running FortiOS 7.0.0 ≤ v < 7.0.10
Running FortiOS 7.2.0 ≤ v < 7.2.4

Fixed in 7.2.4 (7.2 branch), 7.0.10 (7.0 branch) and 6.4.12 (6.4 branch). Devices still on the 6.0 or 6.2 branch should be migrated to one of those fixed releases.
Relevant teams: Network Security Team, Firewall Administrators, IT Security
Real-world incidents (what we've seen)

CISA added this CVE to the Known Exploited Vulnerabilities catalog on 2023-03-14 based on evidence of active exploitation in the wild; federal agencies were required to remediate by 2023-04-04. Fortinet tracks the issue as PSIRT advisory FG-IR-22-369. Public reporting on the in-the-wild activity described attackers who already held administrative access using the file-write primitive to place and persist their own files on the device filesystem, so a device that was exploitable during the exposure window should be treated as potentially backdoored, not merely unpatched: upgrading the firmware does not by itself evict an implant that was written to disk.

How to patch

Manual remediation steps

1. Identify affected hosts: query inventory (FortiManager, CMDB, vulnerability scanner) for FortiGate/FortiOS devices and record each one's running version; on the device itself, get system status prints the Version line.
2. Upgrade each device to the fixed release for its branch: 7.2.4 or later, 7.0.10 or later, or 6.4.12 or later, and move 6.0/6.2 devices to one of those releases. Follow Fortinet's documented upgrade path for the source build, and plan for the reboot. Stage in a test ring before broad deployment.
3. Verify on a sample of remediated hosts that get system status reports the expected version.
4. Document the remediation in your change ticket and re-scan with your vulnerability scanner to confirm closure. Because exploitation required an administrative account, also review the device's admin accounts and login history for the exposure window.
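A version-triage script for steps 1 and 3, added here as a worked example (it is not Fortinet's or this site's tooling). It parses the Version line that get system status prints, classifies each device against the affected ranges listed on this page, and says what to do with it. The inventory lines and build numbers below are constructed, not captured from real devices; the branch table is the one stated above.

```python
"""Triage FortiOS versions against the CVE-2022-41328 affected ranges.

Added example, not Fortinet tooling. Ranges are the ones listed on this
page; sample inventory lines are constructed.
"""
import re
from typing import NamedTuple, Optional, Tuple

Version = Tuple[int, int, int]


class Branch(NamedTuple):
    major: int
    minor: int
    lo: Version            # first affected build in this branch (inclusive)
    hi: Version            # upper bound of the affected range
    hi_inclusive: bool     # True when `hi` itself is still affected
    fixed: Optional[str]   # first fixed release in-branch, None if none listed


# Affected ranges as stated on this page. The 6.0 and 6.2 branches list no
# in-branch fix, so the action for them is to migrate to a fixed release.
AFFECTED = [
    Branch(6, 0, (6, 0, 0), (6, 0, 16), True, None),
    Branch(6, 2, (6, 2, 0), (6, 2, 14), False, None),
    Branch(6, 4, (6, 4, 0), (6, 4, 12), False, "6.4.12"),
    Branch(7, 0, (7, 0, 0), (7, 0, 10), False, "7.0.10"),
    Branch(7, 2, (7, 2, 0), (7, 2, 4), False, "7.2.4"),
]

# Matches the version token in a line such as
# "Version: FortiGate-100F v7.2.3,build1262,230118 (GA.F)"
VERSION_RE = re.compile(r"\bv(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text: str) -> Version:
    """Pull the X.Y.Z FortiOS version out of a `get system status` Version line."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no FortiOS version found in {text!r}")
    major, minor, patch = (int(g) for g in m.groups())
    return (major, minor, patch)


def assess(version: Version) -> dict:
    """Classify one version: affected or not, and the recommended action."""
    for b in AFFECTED:
        if (b.major, b.minor) != version[:2]:
            continue
        in_range = b.lo <= version and (
            version <= b.hi if b.hi_inclusive else version < b.hi
        )
        if in_range:
            action = (f"upgrade to {b.fixed} or later" if b.fixed
                      else "no in-branch fix listed; migrate to 6.4.12, 7.0.10 or 7.2.4+")
            return {"version": version, "affected": True, "action": action}
        return {"version": version, "affected": False,
                "action": "at or past the fixed release"}
    # A branch this page does not list (e.g. 7.4.x) is outside the published ranges.
    return {"version": version, "affected": False,
            "action": "branch not in the published affected ranges"}


def triage(inventory: dict) -> list:
    """inventory: hostname -> raw Version line. Returns affected hosts, sorted."""
    hits = []
    for host, line in inventory.items():
        result = assess(parse_version(line))
        if result["affected"]:
            hits.append((host, ".".join(map(str, result["version"])), result["action"]))
    return sorted(hits)


# Constructed sample inventory; build numbers and dates are placeholders.
SAMPLE = {
    "fw-edge-01":   "Version: FortiGate-100F v7.2.3,build0001,230101 (GA.F)",
    "fw-edge-02":   "Version: FortiGate-100F v7.2.4,build0002,230201 (GA.F)",
    "fw-dc-01":     "Version: FortiGate-600E v7.0.9,build0003,221201 (GA.F)",
    "fw-branch-7":  "Version: FortiGate-60E v6.2.12,build0004,220801 (GA)",
    "fw-lab":       "Version: FortiGate-VM64 v7.4.0,build0005,230501 (GA.F)",
}

if __name__ == "__main__":
    for host, ver, action in triage(SAMPLE):
        print(f"{host}: v{ver} affected -> {action}")
```

Feed it the real Version lines collected from your devices (or from FortiManager) in place of SAMPLE; anything it flags goes on the upgrade list, and anything it reports as "at or past the fixed release" can be used for the step 3 spot check.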
PowerShell automation (coming soon)

No tested PowerShell script for this entry yet. We’re prioritising automation based on user demand.