Proof of concept (PoC) exploit code for recently disclosed critical security flaws affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager is now available, urging users to act quickly to patch is essential.

“FortiOS exposes an administrative web portal that allows users to configure the system,” says Horizon3.ai researcher James Horseman Said“In addition, users can SSH into systems that expose a locked-down CLI interface.”

cyber security

This issue, tracked as CVE-2022-40684 (CVSS score: 9.6), authentication bypass This vulnerability could allow a remote attacker to perform malicious actions in the administration interface via a specially crafted HTTP(S) request.

Successful exploitation of this shortcoming would allow full access to “do almost anything” on the affected system, including changing network configurations, adding malicious users, and intercepting network traffic. is the same as

That said, the cybersecurity firm says there are two key prerequisites when making such requests –

  • The Forwarded header allows an attacker to set the client_ip to ‘127.0.0.1’.
  • The “Trusted Access” authentication check confirms that the client_ip is “127.0.0.1” and the User-Agent is “Report Runner”, both under the control of the attacker.
cyber security

The release of the PoC comes after Fortinet warned that it was already aware of active exploitation of this vulnerability in the wild, and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a federal Agencies were prompted to issue an advisory requiring them to patch this vulnerability by November. January 1, 2022.

Threat intelligence firm Gray Noise was detected 12 unique IP addresses weaponizing CVE-2022-40684 as of October 13, 2022. located Germany, Brazil, USA, China and France.

cropped-BTA_Logo-B-1-scaled-1
YOUR FUTURE STARTS HERE.

BLUE TRAINING ACADEMY

Register now for our membership to gain access to our elite training program and fast forward your career today!

Newsletter

Subscribe my Newsletter for new blog posts, tips & new photos. Let's stay updated!

cropped-BTA_Logo-B-1-scaled-1
Security Blog

Blue Training Academy

Blue Training Academy was developed in 2018 as a educational and training facility for continuing education and certification courses. Blue Training Academy is an educational institution that allows for all sectors of the public and Criminal Justice field to gain ongoing training and education.

Copyright ยฉ๏ธ All rights reserved. | Blue Training Academy Blog