Join Our Popular Newsletter
Join 4,500+ Linux & Open Source Professionals!
2x a month. No spam.
New auth bypass bug targets FortiGate firewalls and FortiProxy web proxies
A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices.
The bug, a critical bug traced as CVE-2022-40684, has a severity of 9.6 and affects some versions, including: FortiOS from 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1; FortiProxy from 7.0.0 to 7.0.6 and 7.2.0. It has however been addressed in FortiOS versions 7.0.7 and 7.2.2, and FortiProxy versions 7.0.7 and 7.2.1 released this week.
Fortinet explained that the bug relates to an authentication bypass vulnerability that could allow an unauthenticated threat actor to perform arbitrary operations on the administrative interface via a specially crafted HTTP(S) request.
Fortinet said it was delaying the public announcement until its customers had implemented the corrections it had issued.
“Due to the ability to exploit the issue remotely, Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade,” the company cautioned in a warning shared by a security expert who goes by the alias Gitworm on Twitter.
A temporary workaround is to disable internet-based HTTPS Administration until upgrades can be set up, or alternatively to enforce a firewall policy for “local-in traffic.”
“Timely and ongoing communications with our customers is a key component in our efforts to best protect and secure their organization. Customer communications often detail the most up-to-date guidance and recommended next steps to best protect and secure their organization. There are instances where confidential advance customer communications can include early warning on advisories to enable customers to further strengthen their security posture, which then will be publicly released in the coming days to a broader audience. The security of our customers is our first priority,” said Fortinet.
The sources for this piece include an article in TheHackerNews.