December 6, 2023

Fortinet addressed a critical authentication bypass flaw late last week, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies.

An attacker can exploit the vulnerability to log into vulnerable devices and can perform various operations on the admin plane via specially crafted HTTP and HTTPS requests.

Advertisements

Fortinet urges customers of addressing this critical vulnerability immediately due to the risk of remote exploitation of the flaw.

The vulnerability impacts FortiOS versions from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1. FortiProxy versions from 7.0.0 to 7.0.6 and 7.2.0 are also impacted.The company also provided a workaround for those who can’t immediately deploy security updates.

Customers that are not able to upgrade their systems should Disable HTTP/HTTPS administrative interface or Limit IP addresses that can reach it.

Fortinet confirmed today the critical authentication bypass vulnerability is being exploited in the wild.

Advertisements

A working POC exploit code also developed by the Security researchers at the Horizon3 Attack Team and due to release it later this week.

1 thought on “Fortinet Critical Authentication Bypass Flaw exploited in wild

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d