Help
FortiEDR
FortiEDR automates the protection against advanced threats, pre and post-execution, with real time orchestrated incident response functionality.
kwernecke
Staff
Staff

Created on ‎04-05-2022 03:43 PM Edited on ‎04-05-2022 10:14 PM By Community Manager

Article Id 208509

Technical Tip: Spring4Shell vulnerability and FortiEDR

Description This article describes Spring4Shell vulnerability and FortiEDR.
Scope FortiEDR.
Solution

Subject:  CVE-2022-22965 (Spring4Shell) and FortiEDR

CVE-2022-22965 vulnerability is a 0-day exploit that was discovered on a popular Java lightweight open source framework: Spring Framework.

This zero-day can result in a Remote Code Execution.

 

It has been found that FortiEDR servers are non-exploitable to this vulnerability and hence it doesn't affect FortiEDR customers. Due to that, there is no planned FortiEDR release or patch to mitigate the issue.

 

For more details regarding mitigating the vulnerability by utilizing Fortinet products, refer to  https://www.fortiguard.com/outbreak-alert/spring4shell-vulnerability

 

FortiEDR Protection.

 

FortiEDR monitors and protects against payloads delivered by exploitation of the Spring4shell vulnerability, known as CVE-2022-22965. 

Protecting against the payloads is empowered by FortiEDR core, OS centric, technology that exists in all FortiEDR versions.

This technology enables FortiEDR to block post-exploitation activity associated with adversaries attempting to utilize the vulnerability to gain a foothold within the environment.
1155
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.