Security News > 2022 > October > Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
FortiOS version 7.2.0 through 7.2.1.
FortiOS version 7.0.0 through 7.0.6.
FortiProxy version 7.0.0 through 7.0.6.
FortiSwitchManager version 7.2.0, and.
Updates have been released by the security company in FortiOS versions 7.0.7 and 7.2.2, FortiProxy versions 7.0.7 and 7.2.1, and FortiSwitchManager version 7.2.1.
If updating to the latest version isn't an option, it's recommended users disable the HTTP/HTTPS administrative interface, or alternatively limit IP addresses that can access the administrative interface.
News URL
https://thehackernews.com/2022/10/fortinet-warns-of-active-exploitation.html
Related news
- Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability (source)
- A critical vulnerability in Delinea Secret Server allows auth bypass, admin access (source)
- Critical GitHub Enterprise Server Flaw Allows Authentication Bypass (source)
- Veeam warns of critical Backup Enterprise Manager auth bypass bug (source)
- Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass (source)