After privately warning customers last week that they need to patch or mitigate CVE-2022-40684, a critical vulnerability affecting FortiOS, FortiProxy, and FortiSwitchManager, Fortinet has finally confirmed that it “is aware of an instance where this vulnerability was exploited.” But their advice to organizations to immediately check their systems for a specific indicator of compromise makes it sound like they believe more widespread attacks have happened or are happening. About CVE-2022-40684 CVE-2022-40684 is an authentication bypass … More
The post Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: