
Critical vulnerability in FortiGate firewalls and FortiProxy web proxies allows remote threat actor to take control of management interface

by Exploit One

Administrators of FortiGate firewalls and FortiProxy web proxies have been advised by Fortinet to upgrade to the most recent versions, which fix a critical-severity flaw.

An authentication bypass flaw in the administrative interface (tracked as CVE-2022-40684) could allow remote attackers to log in to unpatched systems.

CVE-2022-40684 is a critical authentication bypass vulnerability with a CVSSv3 score of 9.6. An attacker who can reach the administrative interface could perform operations on it by sending specially crafted HTTP or HTTPS requests to a vulnerable target.

There is no information at this time on whether attackers have exploited this vulnerability. However, Fortinet’s advice to fix it “with the utmost urgency” is prudent, given threat actors’ track record of targeting FortiOS vulnerabilities.

Mitigation
Fortinet’s customer messages, which have now been made public on Twitter, list the following susceptible and patched version numbers:

Update: By now the full text of the e-mail and a screenshot of the internal advisory have been shared.
So here goes a screenshot of the unredacted full e-mail as shared on Facebook. Also containing possible #workarounds. #Fortinet #CVE202240684 #RCE #authbypass #advisory pic.twitter.com/ruVmYhyXA5
— Gitworm (@Gi7w0rm) October 7, 2022

According to Fortinet, if you are unable to apply the patches right away, you can restrict access to the management interface with a local-in policy. In its FortiGate Hardening Guide, Fortinet also provides instructions for limiting administrative access to trusted hosts and for disabling administrative access on the interface that faces the internet.
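The following FortiOS CLI configuration is an added example of the three interim measures described above; it is not taken from the original post or from Fortinet's advisory. The interface name wan1, the address object name MGMT_TRUSTED, the administrator account name admin and the management subnet 203.0.113.0/24 are assumptions chosen for illustration and must be replaced with your own values.

```fortios
# --- 1. Local-in policy: only the trusted subnet may reach admin services on the WAN interface ---
# Address object for the hosts allowed to manage the device (assumed subnet, RFC 5737 documentation range).
config firewall address
    edit "MGMT_TRUSTED"
        set subnet 203.0.113.0 255.255.255.0
    next
end

# Local-in policies are evaluated top-down by ID: accept trusted sources first, then deny everyone else.
# Both entries are bound to wan1 so that administration from internal interfaces is unaffected.
config firewall local-in-policy
    edit 1
        set intf "wan1"
        set srcaddr "MGMT_TRUSTED"
        set dstaddr "all"
        set service "HTTPS" "HTTP" "SSH"
        set schedule "always"
        set action accept
        set status enable
    next
    edit 2
        set intf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "HTTPS" "HTTP" "SSH"
        set schedule "always"
        set action deny
        set status enable
    next
end

# --- 2. Trusted hosts: bind each administrator account to the management subnet ---
# Repeat for every administrator account; an account without trusthost entries can still log in from anywhere.
config system admin
    edit "admin"
        set trusthost1 203.0.113.0 255.255.255.0
    next
end

# --- 3. Remove administrative protocols from the internet-facing interface entirely ---
# 'unset allowaccess' clears HTTPS, HTTP, SSH and the rest; re-add only what is required (here: ping).
config system interface
    edit "wan1"
        unset allowaccess
        set allowaccess ping
    next
end
```

Apply the local-in policy and trusted-host settings from a session on an internal interface or the console, not from the WAN side, and verify with a second session that you can still log in before closing the first one. Measures 1 and 3 overlap on purpose: the local-in policy is the quick workaround Fortinet names for this flaw, while disabling admin access on the WAN interface is the longer-term hardening posture the guide recommends, and both should remain in place after the patch is installed.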

The post Critical vulnerability in FortiGate firewalls and FortiProxy web proxies allow remote threat actor to take control of management interface appeared first on Cyber Security News Exploit One
