CVE-2018-13383
MEDIUM KEV RANSOMWAREFortiProxy < 1.2.9 and FortiOS 5.2.0-5.2.14 - Heap Buffer Overflow in SSL VPN Web Portal
Title source: llmExploitation Summary
CVE-2018-13383 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added January 10, 2022, with confirmed use in ransomware campaigns.
Description
A heap buffer overflow in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.10, 5.4.0 through 5.4.12, 5.2.14 and earlier and FortiProxy 2.0.0, 1.2.8 and earlier in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages.
References (3)
Core 3
Core References
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-13383
Mitigation, Vendor Advisory x_refsource_confirm
https://fortiguard.com/advisory/FG-IR-18-388
Vendor Advisory x_refsource_confirm
https://fortiguard.com/advisory/FG-IR-20-229
Scores
CVSS v3
4.3
EPSS
0.0176
EPSS Percentile
83.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
no
Technical Impact
partial
Details
CISA KEV
2022-01-10
VulnCheck KEV
2019-10-02
InTheWild.io
2019-08-21
ENISA EUVD
EUVD-2018-5327
Ransomware Use
Confirmed
CWE
CWE-787
Status
published
Products (3)
fortinet/fortios
5.2.0 - 5.2.15
fortinet/fortiproxy
2.0.0
fortinet/fortiproxy
< 1.2.9
Published
May 29, 2019
KEV Added
Jan 10, 2022
Tracked Since
Feb 18, 2026