Fortinet has warned administrators to urgently update their FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) to the latest versions, which fix a critical vulnerability in these products.
Let me remind you that we also wrote that hackers attacked a critical vulnerability in Zyxel firewalls, and that Cisco fixed a critical vulnerability in Jabber for Windows.

Fortinet's latest problem is an authentication bypass that attackers are already exploiting. The vulnerability is tracked as CVE-2022-40684 and has a CVSS score of 9.6 out of 10.
The following products are known to be affected by this issue:
- FortiOS: versions 7.0.0 to 7.0.6 and 7.2.0 to 7.2.1;
- FortiProxy: versions 7.0.0 to 7.0.6 and 7.2.0;
- FortiSwitchManager: versions 7.0.0 and 7.2.0.
The vulnerability is fixed in FortiOS 7.0.7 and 7.2.2 or later, FortiProxy 7.0.7 and 7.2.1 or later, and FortiSwitchManager 7.2.1 or later.
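The affected and fixed version lists above are easy to misread when triaging a fleet by hand (7.2.0 is affected on all three products, but FortiProxy 7.2.1 is fixed while FortiOS 7.2.1 is not). The following script is an added example, not code from Fortinet or from the original article: it encodes the advisory ranges as inclusive (low, high, first-fixed) triples per product branch and checks an inventory against them. It assumes version strings in the form shown by `get system status` on FortiOS (for example `v7.0.5,build0304,220707 (GA)`); only the leading major.minor.patch triple is parsed, so a bare `7.0.5` works too. The inventory entries and build numbers are constructed sample data.

```python
"""Triage Fortinet devices against the CVE-2022-40684 affected ranges.

Added example; the ranges mirror the advisory summary in the article.
Version strings are assumed to carry a leading major.minor.patch triple.
"""
import re
from typing import List, Optional, Tuple

Version = Tuple[int, int, int]

# Per product: minor branch -> (first affected, last affected, first fixed), all inclusive.
# Branches not listed here (e.g. FortiOS 6.4.x) are not named as affected by the advisory.
AFFECTED = {
    "FortiOS": {
        (7, 0): ((7, 0, 0), (7, 0, 6), (7, 0, 7)),
        (7, 2): ((7, 2, 0), (7, 2, 1), (7, 2, 2)),
    },
    "FortiProxy": {
        (7, 0): ((7, 0, 0), (7, 0, 6), (7, 0, 7)),
        (7, 2): ((7, 2, 0), (7, 2, 0), (7, 2, 1)),
    },
    "FortiSwitchManager": {
        # No fixed 7.0.x release is listed; the advisory points to 7.2.1 or later.
        (7, 0): ((7, 0, 0), (7, 0, 0), (7, 2, 1)),
        (7, 2): ((7, 2, 0), (7, 2, 0), (7, 2, 1)),
    },
}

_VER_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def parse_version(s: str) -> Optional[Version]:
    """Extract the first major.minor.patch triple from a Fortinet version string."""
    m = _VER_RE.search(s)
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def check(product: str, version_string: str) -> Tuple[str, Optional[str]]:
    """Return (status, first_fixed_version_or_None).

    status is one of: 'affected', 'fixed', 'not-affected', 'not-listed',
    'unknown-product', 'unparseable'.
    """
    branches = AFFECTED.get(product)
    if branches is None:
        return "unknown-product", None
    v = parse_version(version_string)
    if v is None:
        return "unparseable", None
    rng = branches.get(v[:2])
    if rng is None:
        return "not-affected", None          # minor branch not named by the advisory
    lo, hi, fixed = rng
    fixed_s = "%d.%d.%d" % fixed
    if lo <= v <= hi:
        return "affected", fixed_s
    if v >= fixed:
        return "fixed", fixed_s
    return "not-listed", fixed_s             # in an affected branch but outside the listed range


# Constructed sample inventory (hostnames, products and build numbers are made up).
INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.0.5,build0304,220707 (GA)"),
    ("fw-edge-02", "FortiOS", "v7.2.2,build1255,221005 (GA)"),
    ("fw-branch-03", "FortiOS", "v6.4.9,build2030,220318 (GA)"),
    ("proxy-01", "FortiProxy", "7.2.0"),
    ("fswm-01", "FortiSwitchManager", "v7.0.0"),
]


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str, Optional[str]]]:
    """Annotate every inventory row with its status and the version to update to."""
    return [(host, prod, ver, *check(prod, ver)) for host, prod, ver in inventory]


if __name__ == "__main__":
    for host, prod, ver, status, fixed in triage(INVENTORY):
        target = f" -> update to {fixed}" if status == "affected" else ""
        print(f"{host:14} {prod:19} {ver:32} {status}{target}")
```

Only devices reported as `affected` need the upgrade; anything `not-listed` or `unparseable` should be checked by hand rather than assumed safe.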
The company emphasizes that it is aware of at least one instance in which CVE-2022-40684 was exploited in the wild.
According to Shodan, more than 140,000 FortiGate firewalls are currently reachable from the Internet; those whose admin interfaces are exposed to outside access are likely vulnerable to attack.
Moreover, security researchers from the Horizon3 Attack Team write on Twitter that they have already developed a PoC exploit for the new vulnerability and intend to make it public later this week.