What is CVE-2022-26122 vulnerability?

CVE-2022-26122 is an insufficient verification of data authenticity vulnerability in FortiClient, FortiMail, and FortiOS AV engines.

What is the severity of CVE-2022-26122?

The severity of CVE-2022-26122 vulnerability is high with a CVSS score of 8.6.

Which software versions are affected by CVE-2022-26122?

FortiClient AV engines version 6.2.168 and below, FortiClient 6.4.274 and below, FortiMail version 6.0.0 to 6.0.12, 6.2.0 to 6.2.9, 6.4.0 to 6.4.6, and FortiOS version 6.0.0 to 6.0.15, 6.2.0 to 6.2.11, 6.4.0 to 6.4.10 are affected by CVE-2022-26122.

How can an attacker exploit CVE-2022-26122 vulnerability?

An attacker can exploit CVE-2022-26122 vulnerability by manipulating MIME attachment with junk and pad characters in base64.

Is there a fix available for CVE-2022-26122 vulnerability?

Yes, Fortinet has released patches to address CVE-2022-26122 vulnerability. It is recommended to update to the latest version of the affected software.

Vulnerability/
CVE-2022-26122

high

8.6

CWE

345

1/11/2022

2/11/2022

22/10/2024

25/10/2024

CVE-2022-26122: Evasion by manipulating MIME attachment

First published: Tue Nov 01 2022(Updated: )

An insufficient verification of data authenticity vulnerability [CWE-345] in FortiClient, FortiMail and FortiOS AV engines may allow an attacker to bypass the AV engine via manipulating MIME attachment with junk and pad characters in base64.

Credit: psirt@fortinet.com

Affected Software	Affected Version	How to fix
Fortinet Antivirus Engine	=0.4.23
Fortinet Antivirus Engine	=2.0.49
Fortinet Antivirus Engine	=2.0.60
Fortinet Antivirus Engine	=4.4.54
Fortinet Antivirus Engine	=6.33
Fortinet Antivirus Engine	=6.137
Fortinet Antivirus Engine	=6.142
Fortinet Antivirus Engine	=6.144
Fortinet Antivirus Engine	=6.145
Fortinet Antivirus Engine	=6.156
Fortinet Antivirus Engine	=6.157
Fortinet Antivirus Engine	=6.243
Fortinet Antivirus Engine	=6.252
Fortinet Antivirus Engine	=6.253
Fortinet FortiMail	>=6.0.0<=6.0.12
Fortinet FortiMail	>=6.2.0<=6.2.9
Fortinet FortiMail	>=6.4.0<=6.4.6
Fortinet FortiMail	>=7.0.0<=7.0.2
Fortinet FortiMail	=4.1.0
Fortinet FortiOS	>=6.0.0<=6.0.15
Fortinet FortiOS	>=6.2.0<=6.2.11
Fortinet FortiOS	>=6.4.0<=6.4.10
Fortinet FortiOS	>=7.0.0<=7.0.6
Fortinet FortiOS	=7.2.0

Remedy

https://fortiguard.com/psirt/FG-IR-22-074

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2022-26122 vulnerability?
CVE-2022-26122 is an insufficient verification of data authenticity vulnerability in FortiClient, FortiMail, and FortiOS AV engines.
What is the severity of CVE-2022-26122?
The severity of CVE-2022-26122 vulnerability is high with a CVSS score of 8.6.
Which software versions are affected by CVE-2022-26122?
FortiClient AV engines version 6.2.168 and below, FortiClient 6.4.274 and below, FortiMail version 6.0.0 to 6.0.12, 6.2.0 to 6.2.9, 6.4.0 to 6.4.6, and FortiOS version 6.0.0 to 6.0.15, 6.2.0 to 6.2.11, 6.4.0 to 6.4.10 are affected by CVE-2022-26122.
How can an attacker exploit CVE-2022-26122 vulnerability?
An attacker can exploit CVE-2022-26122 vulnerability by manipulating MIME attachment with junk and pad characters in base64.
Is there a fix available for CVE-2022-26122 vulnerability?
Yes, Fortinet has released patches to address CVE-2022-26122 vulnerability. It is recommended to update to the latest version of the affected software.

agent/type
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
agent/remedy
agent/author
agent/weakness
collector/mitre-cve
source/MITRE
agent/last-modified-date
collector/fortiguard-psirt-latest
source/FortiGuard
alias/CVE-2022-26122
collector/fortiguard-psirt
agent/severity
agent/references
agent/title
agent/first-publish-date
agent/tags
agent/event
agent/description
vendor/fortinet
canonical/fortinet antivirus engine
version/fortinet antivirus engine/0.4.23
version/fortinet antivirus engine/2.0.49
version/fortinet antivirus engine/2.0.60
version/fortinet antivirus engine/4.4.54
version/fortinet antivirus engine/6.33
version/fortinet antivirus engine/6.137
version/fortinet antivirus engine/6.142
version/fortinet antivirus engine/6.144
version/fortinet antivirus engine/6.145
version/fortinet antivirus engine/6.156
version/fortinet antivirus engine/6.157
version/fortinet antivirus engine/6.243
version/fortinet antivirus engine/6.252
version/fortinet antivirus engine/6.253
canonical/fortinet fortimail
version/fortinet fortimail/6.0.0
version/fortinet fortimail/6.0.12
version/fortinet fortimail/6.2.0
version/fortinet fortimail/6.2.9
version/fortinet fortimail/6.4.0
version/fortinet fortimail/6.4.6
version/fortinet fortimail/7.0.0
version/fortinet fortimail/7.0.2
version/fortinet fortimail/4.1.0
canonical/fortinet fortios
version/fortinet fortios/6.0.0
version/fortinet fortios/6.0.15
version/fortinet fortios/6.2.0
version/fortinet fortios/6.2.11
version/fortinet fortios/6.4.0
version/fortinet fortios/6.4.10
version/fortinet fortios/7.0.0
version/fortinet fortios/7.0.6
version/fortinet fortios/7.2.0