Fortinet Critical Authentication Bypass Vulnerability Actively Exploited

Forum|Forum|3 years ago
October 12, 2022
1 reply
2788 views

Hello Team,

Please who has an idea on how can we mitigate this risk?

Kindly help me with a solution please

Regards,

Firdausi Nababa

FortiGateCloud

Best answer by Yurisk

I assume you are talking about administrator GUI authentication bypass critical vulnerability CVE-2022-40684. Then

Upgrade vulnerable (7.0.0-7.0.6, 7.2.0-7.2.1) versions to the next one (7.0.7, 7.2.2)
Disable completely HTTPS admin GUI access on the Internet/unsafe-networks facing interfaces of the Fortigate
(Workaround) Configure Local-in policy that allows only trusted by you IPs to access admin GUI.

N.B. @Anonymous folks: May be time has come to make public the relevant bulletin/announcement? After all, it is news everyone on the Internet already knows about, why hide it behind "CONFIDENTIAL INFORMATION" :). Horizon3, at all, on their twitter promised to make POC publicly available this/next week.

YuriskAnswer

SuperUser

I assume you are talking about administrator GUI authentication bypass critical vulnerability CVE-2022-40684. Then

Upgrade vulnerable (7.0.0-7.0.6, 7.2.0-7.2.1) versions to the next one (7.0.7, 7.2.2)
Disable completely HTTPS admin GUI access on the Internet/unsafe-networks facing interfaces of the Fortigate
(Workaround) Configure Local-in policy that allows only trusted by you IPs to access admin GUI.

N.B. @Anonymous folks: May be time has come to make public the relevant bulletin/announcement? After all, it is news everyone on the Internet already knows about, why hide it behind "CONFIDENTIAL INFORMATION" :). Horizon3, at all, on their twitter promised to make POC publicly available this/next week.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded