CVE-2022-40684: Critical Authentication Bypass in FortiOS and FortiProxy
by CIRT Team
An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
Exploitation Status:
Fortinet recommends immediately checking device logs for the following indicator of compromise: user="Local_Process_Access"
Affected Products
FortiOS version 7.2.0 through 7.2.1
FortiOS version 7.0.0 through 7.0.6
FortiProxy version 7.2.0
FortiProxy version 7.0.0 through 7.0.6
FortiSwitchManager version 7.2.0
FortiSwitchManager version 7.0.0
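As an added example (not part of the advisory or Fortinet's tooling), the following Python script covers both checks above: it compares a product/version pair against the affected ranges listed in this advisory, and it scans FortiGate-style key=value log lines for the published indicator user="Local_Process_Access". The sample log lines and the 203.0.113.5 address are constructed for illustration.

```python
"""Defender-side checks for CVE-2022-40684 (FG-IR-22-377)."""
import re

# Affected ranges from the advisory, inclusive: product -> [(lowest, highest), ...]
AFFECTED = {
    "FortiOS": [((7, 2, 0), (7, 2, 1)), ((7, 0, 0), (7, 0, 6))],
    "FortiProxy": [((7, 2, 0), (7, 2, 0)), ((7, 0, 0), (7, 0, 6))],
    "FortiSwitchManager": [((7, 2, 0), (7, 2, 0)), ((7, 0, 0), (7, 0, 0))],
}


def parse_version(text):
    """Turn '7.0.6' or 'v7.0.6' into a comparable tuple such as (7, 0, 6)."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(x) for x in m.groups())


def is_affected(product, version):
    """True when product/version falls inside one of the advisory's affected ranges."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED.get(product, []))


# FortiGate event logs are space-separated key="value" pairs; the IoC is this user field.
IOC_PATTERN = re.compile(r'\buser="Local_Process_Access"')


def find_ioc_hits(lines):
    """Return (line_number, line) for every log line carrying the IoC."""
    return [(n, line) for n, line in enumerate(lines, 1) if IOC_PATTERN.search(line)]


# Constructed sample log lines (illustrative only, not real captures).
SAMPLE_LOG = [
    'date=2022-10-10 time=14:02:11 type="event" subtype="system" user="admin" ui="https(203.0.113.5)" action="login" status="success"',
    'date=2022-10-10 time=14:03:27 type="event" subtype="system" user="Local_Process_Access" ui="https(203.0.113.5)" action="login" status="success"',
    'date=2022-10-10 time=14:03:29 type="event" subtype="system" user="Local_Process_Access" action="Add" cfgpath="system.admin"',
]

if __name__ == "__main__":
    for product, version in [("FortiOS", "7.0.6"), ("FortiOS", "7.0.7"), ("FortiProxy", "7.2.0")]:
        print(f"{product} {version}: {'AFFECTED' if is_affected(product, version) else 'not affected'}")
    for n, line in find_ioc_hits(SAMPLE_LOG):
        print(f"IoC hit on log line {n}: {line}")
```

Run it against exported event logs (one line per entry) to triage a fleet; a hit means the device must be treated as compromised and the advisory's remediation applied, not just patched.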
Workaround:
A workaround is available at https://www.fortiguard.com/psirt/FG-IR-22-377
Solutions
Please upgrade to FortiOS version 7.2.2 or above
Please upgrade to FortiOS version 7.0.7 or above
Please upgrade to FortiProxy version 7.2.1 or above
Please upgrade to FortiProxy version 7.0.7 or above
Please upgrade to FortiSwitchManager version 7.2.1 or above
Reference:
https://www.fortiguard.com/psirt/FG-IR-22-377