Security News > 2022 > October > Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
2022-10-11 06:21
FortiOS version 7.2.0 through 7.2.1.
FortiOS version 7.0.0 through 7.0.6.
FortiProxy version 7.0.0 through 7.0.6.
FortiSwitchManager version 7.2.0, and.
Updates have been released by the security company in FortiOS versions 7.0.7 and 7.2.2, FortiProxy versions 7.0.7 and 7.2.1, and FortiSwitchManager version 7.2.1.
If updating to the latest version isn't an option, it's recommended users disable the HTTP/HTTPS administrative interface, or alternatively limit IP addresses that can access the administrative interface.
News URL
https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html
Related news
- Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation (source)
- MFA bypass becomes a critical security issue as ransomware tactics advance (source)
- Critical Ivanti vTM auth bypass bug now exploited in attacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- CISA adds fresh Ivanti vuln, critical Fortinet bug to hall of shame (source)
- Fortinet releases patches for undisclosed critical FortiManager vulnerability (source)