A critical RCE vulnerability gives an attacker administrative access.
Fortinet has alerted its customers to a critical vulnerability affecting FortiGate firewalls and FortiProxy Web Proxy that could potentially allow an attacker to perform unauthorized actions on vulnerable devices.
The critical RCE / authentication bypass vulnerability, tracked as CVE-2022-40684 (CVSS score: 9.6), could allow an attacker to perform arbitrary operations on the administrative interface without authenticating, using a specially crafted HTTP or HTTPS request.
This issue affects the following versions:
FortiOS - from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1;
FortiProxy - from 7.0.0 to 7.0.6 and 7.2.0.
The bug has been fixed in FortiOS 7.0.7 and 7.2.2 and in FortiProxy 7.0.7 and 7.2.1 released last week. Fortinet has urged all customers with affected versions to upgrade immediately.
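The affected and fixed versions above are easiest to apply to a device inventory with a small check. The following is an added example, not code from Fortinet or from the original article; the hostnames in the sample inventory are constructed, and the version strings are assumed to look like the "v7.0.6,build0366" form that FortiOS prints:

```python
"""Inventory triage for CVE-2022-40684 using the affected and fixed versions listed above."""
from typing import NamedTuple, Optional

# Inclusive affected ranges per branch and the fixed release to move to, as stated in the advisory text.
AFFECTED = {
    "FortiOS": [((7, 0, 0), (7, 0, 6), "7.0.7"), ((7, 2, 0), (7, 2, 1), "7.2.2")],
    "FortiProxy": [((7, 0, 0), (7, 0, 6), "7.0.7"), ((7, 2, 0), (7, 2, 0), "7.2.1")],
}


class Verdict(NamedTuple):
    affected: bool
    upgrade_to: Optional[str]  # fixed release for that branch, None when the version is outside the ranges


def parse_version(text: str) -> tuple:
    """Turn 'v7.0.6' or 'v7.0.6,build0366' into (7, 0, 6); the build suffix is ignored."""
    core = text.strip().lstrip("vV").split(",")[0].split("-")[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(p) for p in parts)


def triage(product: str, version: str) -> Verdict:
    """Report whether a product/version pair falls inside a listed affected range."""
    v = parse_version(version)
    for low, high, fixed in AFFECTED.get(product, []):
        if low <= v <= high:
            return Verdict(True, fixed)
    return Verdict(False, None)


# Constructed sample inventory (hostnames are made up for illustration).
SAMPLE_INVENTORY = [
    ("fw-edge-01", "FortiOS", "v7.0.5,build0304"),
    ("fw-edge-02", "FortiOS", "v7.0.7"),
    ("fw-dc-01", "FortiOS", "v6.4.9"),
    ("proxy-01", "FortiProxy", "v7.2.0"),
]


def triage_inventory(inventory):
    """Return (host, Verdict) pairs for every device in the inventory."""
    return [(host, triage(product, ver)) for host, product, ver in inventory]


if __name__ == "__main__":
    for host, verdict in triage_inventory(SAMPLE_INVENTORY):
        state = f"AFFECTED, upgrade to {verdict.upgrade_to}" if verdict.affected else "not in the listed ranges"
        print(f"{host}: {state}")
```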
As a temporary measure until the updates are installed, the company recommends disabling HTTPS administration. Alternatively, access to the FortiGate admin interface can be restricted to trusted addresses using a Local-In firewall policy.
According to the Shodan search service, more than 100,000 FortiGate devices are currently exposed to the Internet. However, it is unknown whether their admin interfaces are reachable from the Internet.