firdausi12
New Contributor III

Fortinet Critical Authentication Bypass Vulnerability Actively Exploited

Hello Team,

Please, does anyone have an idea of how we can mitigate this risk?

Kindly help me with a solution, please.

Regards,

Firdausi Nababa

1 Solution
Yurisk
Valued Contributor

I assume you are talking about the critical administrator GUI authentication bypass vulnerability CVE-2022-40684. Then:

  • Upgrade vulnerable versions (7.0.0-7.0.6, 7.2.0-7.2.1) to the next one (7.0.7, 7.2.2).
  • Completely disable HTTPS admin GUI access on the Internet/unsafe-network-facing interfaces of the FortiGate.
  • (Workaround) Configure a local-in policy that allows only IPs you trust to access the admin GUI.

N.B. @fortinet folks: Maybe the time has come to make the relevant bulletin/announcement public? After all, it is news everyone on the Internet already knows about, so why hide it behind "CONFIDENTIAL INFORMATION" :). Horizon3 et al. on their Twitter promised to make a PoC publicly available this/next week.

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
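The three mitigations in the answer above, written out as FortiOS CLI. This is an added example, not part of the original post or of any Fortinet documentation: the interface name "wan1", the management range 203.0.113.0/24, and the "admin" account name are assumptions, so substitute your own. The first stanza shows the weak setting, the rest the corrected configuration.

```text
# Added example (not from the original post): FortiOS CLI for the mitigations
# above. "wan1", 203.0.113.0/24 and the "admin" account name are assumptions.

# 1. Weak setting: HTTPS (and SSH) administrative access enabled on the
#    Internet-facing interface. This is what the bypass reaches.
config system interface
    edit "wan1"
        set allowaccess ping https ssh
    next
end

# 1. Corrected: drop https and ssh from the WAN interface. Administration then
#    stays reachable only on the internal/management interface.
config system interface
    edit "wan1"
        set allowaccess ping
    next
end

# 2. Workaround if WAN-side admin access cannot be removed: a local-in policy
#    that accepts admin traffic only from the trusted range and denies the rest.
#    Local-in policies are evaluated top to bottom, so the accept comes first.
config firewall address
    edit "mgmt-trusted"
        set subnet 203.0.113.0 255.255.255.0
    next
end

config firewall local-in-policy
    edit 1
        set intf "wan1"
        set srcaddr "mgmt-trusted"
        set dstaddr "all"
        set service "HTTPS" "SSH"
        set schedule "always"
        set action accept
    next
    edit 2
        set intf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set service "HTTPS" "SSH"
        set schedule "always"
        set action deny
    next
end

# 3. Additional layer: per-account trusted hosts, checked on every admin login.
config system admin
    edit "admin"
        set trusthost1 203.0.113.0 255.255.255.0
    next
end
```

Two caveats. If the admin HTTPS port was moved off 443 (`config system global`, `set admin-sport`), the local-in policy must reference a custom service on that port rather than the built-in "HTTPS" object, or the deny rule will not cover the GUI. And none of this replaces the upgrade: the local-in policy and trusthosts only narrow who can reach the vulnerable endpoint, so after upgrading confirm the running build with `get system status`.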
