Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

FortiOS version 7.2.0 through 7.2.1.
FortiOS version 7.0.0 through 7.0.6.
FortiProxy version 7.0.0 through 7.0.6.
FortiSwitchManager version 7.2.0, and.
Updates have been released by the security company in FortiOS versions 7.0.7 and 7.2.2, FortiProxy versions 7.0.7 and 7.2.1, and FortiSwitchManager version 7.2.1.
If updating to the latest version isn't an option, it's recommended that users disable the HTTP/HTTPS administrative interface or, alternatively, limit the IP addresses that can access the administrative interface.
News URL
https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html