Fortinet Authentication Bypass vulnerability (CVE-2022-40684)

A critical Authentication Bypass vulnerability (CVE-2022-40684) was identified in FortiOS and FortiProxy recently and is being exploited in the wild.  The vulnerability would potentially allow an unauthenticated attacker to bypass authentication and access the administrative portal by sending a specially crafted HTTPS request.

Fortinet has released a patch to remediate this vulnerability and strongly recommends customers to apply the update IMMEDIATELY.

Vulnerabilities

• Authentication Bypass Vulnerability (CVE-2022-40684)

Severity Level

• Critical

Affected Systems

• FortiOS: 7.0.0 to 7.0.6, 7.2.0 to 7.2.1
• FortiProxy: 7.0.0 to 7.0.6, 7.2.0
• FortiSwitchManager: 7.2.0, 7.0.0

Remediation

• Please apply the update patches in your department devices immediately.

Reference

• https://www.hkcert.org/security-bulletin/fortinet-products-multiple-vulnerabilities_20221011
• https://www.fortiguard.com/psirt/FG-IR-22-377
• https://docs.fortinet.com/document/fortigate/7.0.7/fortios-release-notes/289806/resolved-issues
• https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/289806/resolved-issues

Enquiry

• For enquiries, please contact infosec@cuhk.edu.hk. Thanks a lot.

Published on: 12 Oct 2022