Summary:
- The article discusses a vulnerability in the Fortinet FortiWeb web application firewall that has been added to the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) Known Exploited Vulnerabilities Catalog.
- The vulnerability, CVE-2022-42475, allows attackers to execute arbitrary code on affected systems and can be exploited remotely without authentication.
- CISA has urged federal agencies to patch this vulnerability by November 18, 2022, as it is being actively exploited by malicious actors.