Project Hyphae
Search

Fortinet Authentication Bypass – Critical

Share This Post

On 10/6/22 Fortinet announced an authentication bypass vulnerability in their FortiGate and FortiProxy products. This vulnerability would allow an attacker to bypass authentication access the Administrative functions of these devices and should be patched immediately.

There have been a few Fortinet related vulnerabilities over the last couple of years and organizations are often slow to patch these devices as the process can often be disruptive. However, these authentication bypass vulnerabilities are nothing to play with and should be addressed as quickly as possible.

At the moment there are approximately 100,000 of these devices that can be discovered through a Shodan search, so this has the potential to impact a lot of organizations. As is noted in the article linked below, it is unclear if all of those devices have their management portal exposed to the internet, and as a best practice these should not be exposed. As a mitigation step for this vulnerability, as well as future vulnerabilities, management interfaces should only be exposed to the internal network and limited to the devices that can access them from there.

This vulnerability is being tracked as CVE-2022-40684 and Fortinet has released a patch for it. Get that patch installed ASAP and block external traffic to those management interfaces.

Bleeping Computer: https://www.bleepingcomputer.com/news/security/fortinet-warns-admins-to-patch-critical-auth-bypass-bug-immediately/



Reach out to our incident response team for help

More To Explore

Information Security News 3-25-2024

Developer Sues Minnesota Contractor After $735K Payment Disappears Article Link: https://www.constructiondive.com/news/beck-sues-ryan-fsa-title-cybercrime/710708/ Truck-to-Truck Worm Could Infect and Disrupt Entire US Commercial Fleet Article Link: https://www.theregister.com/2024/03/22/boffins_tucktotruck_worm/ NIST’s

Information Security News 3-18-2024

Threat Actors Leaked 70 Million Records Allegedly Stolen From AT&T Article Link: https://securityaffairs.com/160627/data-breach/70m-att-records-leaked.html Former Telecom Manager Admits to Doing SIM Swaps for $1,000 Article Link:

Do You Want to Shore Up Your Defenses?

We're opening our first round of threat hunting engagements to 100 organizations. Sign up or join the wait list here.