+6
By Sergiu Gatlan October 13, 2022
Proof-of-concept exploit code is now available for a critical authentication bypass vulnerability affecting Fortinet's FortiOS, FortiProxy, and FortiSwitchManager appliances.
This security flaw (CVE-2022-40684) allows attackers to bypass the authentication process on the administrative interface of FortiGate firewalls, FortiProxy web proxies, and FortiSwitch Manager (FSWM) on-premise management instances.
Patch your firewalls, people! This is serious!
+5Cheers for posting. We use quite a bit of Fortinet kit so I'll send this to the network team to make sure they’re aware
+54
+4Thanks both, will share with the team
+6We’re lucky this time. We don’t use Fortinet, but it’s only a matter of time before something else hits us. Sadly.
Good luck getting all your devices updated. Firewall updates usually mean a late night for someone.
+5We’re lucky this time. We don’t use Fortinet, but it’s only a matter of time before something else hits us. Sadly.
Good luck getting all your devices updated. Firewall updates usually mean a late night for someone.
Yep, but not for me! I no longer work in the network team, I only do projects now, so install the stuff but someone else can maintain them!
+6Oh I see. You just get to ruin someone else’s weekend! 🤣
+5Oh I see. You just get to ruin someone else’s weekend! 🤣
True! I’ve done my time thank you very much!
Alrhough some of my days are spent buried in spreadsheets!
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
