Security News > 2022 > October > Fortinet urges admins to patch bug with public exploit immediately

Fortinet urges customers to urgently patch their appliances against a critical authentication bypass FortiOS, FortiProxy, and FortiSwitchManager vulnerability exploited in attacks.

The company released security updates to address the flaw last week and it also advised customers in private alerts to disable remote management user interfaces on affected devices "With the utmost urgency" to block attacks if they can't immediately patch.

On Friday, after the exploit code was released, Fortinet issued a public warning asking customers to patch this actively exploited security flaw urgently.

Attackers started scanning for unpatched Fortinet devices as soon as the initial confidential notification was sent to customers on October 6, with Fortinet saying that it detected threat actors exploiting the vulnerability to create malicious administrator accounts.

Cybersecurity companies GreyNoise and Bad Packets confirmed Fortinet's findings after sharing that they've also detected attackers scanning for and attempting to exploit CVE-2022-40684 in the wild.

CISA also added CVE-2022-40684 on Tuesday to its list of security bugs exploited in attacks, requiring all Federal Civilian Executive Branch agencies to patch Fortinet devices on their networks until November 1st. Admins who can't immediately apply patches or disable vulnerable appliances to ensure that they aren't compromised can also use the mitigation measures shared by Fortinet in this security advisory.

News URL

https://www.bleepingcomputer.com/news/security/fortinet-urges-admins-to-patch-bug-with-public-exploit-immediately/