Fortinet has notified its customers of a security weakness affecting FortiGate firewalls and FortiProxy web proxies, which can allow attackers to execute unauthorized operations on vulnerable systems. | Vulnerability on FortiGate
Vulnerability on FortiGate | The significant bug, identified as CVE-2022-40684 (CVSS score: 9.6), pertains to an authentication bypass vulnerability that allows unauthenticated attackers to perform arbitrary activities on the administrative interface through a carefully crafted HTTP(S) request.
The problem affects the following versions, which have been fixed in FortiOS 7.0.7 and 7.2.2, as well as FortiProxy 7.0.7 and 7.2.1, which were published this week:
- FortiOS – Versions 7.0.0 to 7.0.6 and 7.2.0 to 7.2.1
- FortiProxy – Versions 7.0.0, 7.0.6, and 7.2.0
Due to the potential for remote exploitation of this problem, Fortinet strongly advises all customers with vulnerable versions to execute an immediate upgrade, the firm said in a tweet published by security researcher Gitworm.
Fortinet is aware of an incident in which this vulnerability was exploited and recommended quickly checking your systems against the following indicator of compromise in the device’s logs: user=’Local Process Access,’ the firm said in a warning.
NEXT MASTERCLASS Targeted ICS Ransomware In Manufacturing: How To Be Prepared
If updates to the current version are not an option, users should disable the HTTP/HTTPS administrative interface or limit the IP addresses that may access it.
Timely and continuous contact with our clients are critical components in our efforts to effectively safeguard and secure their business, the company claimed in a statement from The Hacker News. Customer communications frequently include the most recent recommendations and suggested next measures to help safeguard and secure their firm.
Sharing is Caring!
You are welcome to put this blog article on your website, provided you also append an active link to our website “Source: https://resources.rhyno.io”
For media enquiries, contact us at [email protected].
MANAGED CYBERSECURITY SOLUTIONS
Rhyno delivers a range of activities that combine to fully protect your infrastructure and data from cybercriminals, anywhere and everywhere, 24/7/365.
About Rhyno Cybersecurity Services
Rhyno Cybersecurity is a Canadian-based company focusing on 24/7 Managed Detection and Response, Penetration Testing, Enterprise Cloud, and Cybersecurity Solutions for small and midsize businesses.
Our products and services are robust, innovative, and cost-effective. Underpinned by our 24x7x365 Security Operations Centre (SOC), our experts ensure you have access to cybersecurity expertise when you need it the most.