Security News > 2022 > October > Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
2022-10-11 06:21
FortiOS version 7.2.0 through 7.2.1.
FortiOS version 7.0.0 through 7.0.6.
FortiProxy version 7.0.0 through 7.0.6.
FortiSwitchManager version 7.2.0, and.
Updates have been released by the security company in FortiOS versions 7.0.7 and 7.2.2, FortiProxy versions 7.0.7 and 7.2.1, and FortiSwitchManager version 7.2.1.
If updating to the latest version isn't an option, it's recommended users disable the HTTP/HTTPS administrative interface, or alternatively limit IP addresses that can access the administrative interface.
News URL
https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html
Related news
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation (source)
- CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation (source)
- Fortinet warns of auth bypass zero-day exploited to hijack firewalls (source)
- Critical Flaws in WGS-804HPT Switches Enable RCE and Network Exploitation (source)
- SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation (source)