Fortinet Critical Authentication Bypass Vulnerability has been exploited.
Fortinet on Monday published an advisory confirming that this vulnerability has been exploited in the wild.
“Fortinet is aware of an instance where the vulnerability was exploited and recommended immediately validating your system against the following indicator of compromise in the device logs”.
Earlier this month reports began circulating that Fortinet communicated directly with customers about a critical vulnerability in its FortiOS and FortiProxy products.
This vulnerability CVE-2022-40684 with a (CVSS score 9.6) deals with an authentication bypass using an alternate path or channel in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Affected Products
FortiOS version 7.2.0 – 7.2.1
FortiOS version 7.0.0 – 7.2.1
FortiProxy version 7.20
FortiProxy version 7.0.0 – 7.0.6
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
Updates
Please upgrade to FortiOS version 7.2.2 or above
Please upgrade to FortiOS version 7.0.7 or above
Please upgrade to FortiProxy version 7.2.1 or above
Please upgrade to FortiProxy version 7.0.7 or above
Please upgrade to FortiSwitchManager version 7.2.1 or above