Fortinet on Monday published an advisory confirming that this vulnerability has been exploited in the wild.
“Fortinet is aware of an instance where the vulnerability was exploited and recommended immediately validating your system against the following indicator of compromise in the device logs”.
This vulnerability, CVE-2022-40684 (CVSS score 9.6), is an authentication bypass using an alternate path or channel in FortiOS, FortiProxy and FortiSwitchManager that may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Affected versions:
FortiOS version 7.2.0 – 7.2.1
FortiOS version 7.0.0 – 7.2.1
FortiProxy version 7.20
FortiProxy version 7.0.0 – 7.0.6
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
Solution:
Please upgrade to FortiOS version 7.2.2 or above
Please upgrade to FortiOS version 7.0.7 or above
Please upgrade to FortiProxy version 7.2.1 or above
Please upgrade to FortiProxy version 7.0.7 or above
Please upgrade to FortiSwitchManager version 7.2.1 or above
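As an added example (not code from Fortinet or from this advisory), the following Python helper encodes the affected ranges and upgrade targets listed above and flags inventory entries that still need patching. The host names are constructed, the product labels are assumptions, and "FortiProxy 7.20" is read here as 7.2.0.

```python
from typing import Optional

Version = tuple[int, ...]

def parse_version(text: str) -> Version:
    """Turn '7.0.6' (or 'v7.0.6') into (7, 0, 6) so versions compare numerically."""
    return tuple(int(part) for part in text.strip().lstrip("v").split("."))

# Inclusive affected ranges and the upgrade target for each branch, taken from the
# version and upgrade lines in this advisory. "FortiProxy 7.20" is read as 7.2.0
# (assumption). Entries are (low, high, fix); the same-branch entry is listed first.
ADVISORY = {
    "FortiOS": [((7, 2, 0), (7, 2, 1), (7, 2, 2)),
                ((7, 0, 0), (7, 2, 1), (7, 0, 7))],
    "FortiProxy": [((7, 2, 0), (7, 2, 0), (7, 2, 1)),
                   ((7, 0, 0), (7, 0, 6), (7, 0, 7))],
    "FortiSwitchManager": [((7, 2, 0), (7, 2, 0), (7, 2, 1)),
                           ((7, 0, 0), (7, 0, 0), (7, 2, 1))],
}

def fmt(v: Version) -> str:
    return ".".join(str(p) for p in v)

def assess(product: str, version: str) -> Optional[str]:
    """Return the minimum fixed version to upgrade to, or None if not affected.
    A version at or above the branch's fix is never reported, even if the page's
    broad FortiOS range (7.0.0 - 7.2.1) would otherwise cover it."""
    v = parse_version(version)
    for low, high, fix in ADVISORY.get(product, []):
        if low <= v <= high and v < fix:
            return fmt(fix)
    return None

def triage(inventory):
    """inventory: iterable of (host, product, version). Returns only affected hosts."""
    return [(host, product, version, fix)
            for host, product, version in inventory
            if (fix := assess(product, version)) is not None]

# Constructed sample inventory (not real devices).
SAMPLE = [
    ("fw-edge-1", "FortiOS", "7.2.1"),
    ("fw-edge-2", "FortiOS", "7.0.7"),
    ("fw-branch", "FortiOS", "7.0.5"),
    ("proxy-1", "FortiProxy", "7.0.6"),
    ("swm-1", "FortiSwitchManager", "7.0.0"),
    ("fw-old", "FortiOS", "6.4.9"),
]

if __name__ == "__main__":
    for host, product, version, fix in triage(SAMPLE):
        print(f"{host}: {product} {version} affected by CVE-2022-40684, upgrade to {fix} or above")
```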