New auth bypass bug targets FortiGate firewalls and FortiProxy web proxies

Obanla Opeyemi

October 20, 2022 - TuxCare expert team

A Fortinet vulnerability in FortiGate firewalls and FortiProxy web proxies could allow a threat actor to perform unauthorized actions on vulnerable devices.

The critical bug, tracked as CVE-2022-40684, has a severity score of 9.6 and affects the following versions: FortiOS 7.0.0 through 7.0.6 and 7.2.0 through 7.2.1, and FortiProxy 7.0.0 through 7.0.6 and 7.2.0. It has been addressed in FortiOS versions 7.0.7 and 7.2.2 and FortiProxy versions 7.0.7 and 7.2.1, released this week.

Fortinet explained that the flaw is an authentication bypass that could allow an unauthenticated attacker to perform arbitrary operations on the administrative interface via a specially crafted HTTP or HTTPS request.

Fortinet said it was delaying the public announcement until its customers had implemented the corrections it had issued.

“Due to the ability to exploit the issue remotely, Fortinet is strongly recommending all customers with the vulnerable versions to perform an immediate upgrade,” the company cautioned in a warning shared by a security expert who goes by the alias Gitworm on Twitter.

A temporary workaround is to disable HTTPS administration on internet-facing interfaces until the upgrade can be applied, or alternatively to enforce a firewall policy for “local-in traffic” that limits which source addresses may reach the administrative interface.

“Timely and ongoing communications with our customers is a key component in our efforts to best protect and secure their organization. Customer communications often detail the most up-to-date guidance and recommended next steps to best protect and secure their organization. There are instances where confidential advance customer communications can include early warning on advisories to enable customers to further strengthen their security posture, which then will be publicly released in the coming days to a broader audience. The security of our customers is our first priority,” said Fortinet.

The sources for this piece include an article in TheHackerNews.
