Skip to content

FortiOS / FortiProxy / FortiSwitchManager – Authentication Bypass (CVE-2022-40684)

  • Resources
  • Glossary
  • FortiOS / FortiProxy / FortiSwitchManager – Authentication Bypass (CVE-2022-40684)

We would like to bring to your attention a newly discovered authentication bypass vulnerability within FortiOS, FortiProxy and FortiSwitchManager. This vulnerability is currently being actively exploited.

An authentication bypass has been identified using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy and FortiSwitchManager which allows an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. The vulnerability has been issued the identifier CVE-2022-40684 and has been given a CVSS score of 9.6.

Affected Products

  • FortiOS version 7.2.0 through 7.2.1

  • FortiOS version 7.0.0 through 7.0.6

  • FortiProxy version 7.2.0

  • FortiProxy version 7.0.0

  • FortiSwitchManager version 7.2.0

  • FortiSwitchManager version 7.0.0

Detection

The current version of FortiOS / FortiGate can be checked with the following command, and should be checked against the known affected products above:

get system status

Additional Fortinet recommend to check the device’s log for the following strings to help detected compromised devices:

  • user=”Local_Process_Access”

  • user_interface=”Node.js”

  • user_interface=”Report Runner”

Exploited hosts may show records for these strings.

Remediation

Whilst a workaround has been provided, current best guidance for remediating this issue to to update to an unaffected version.

  • FortiOS should be updated to version 7.2.2 or above and version 7.0.7 or above.

  • FortiProxy should be updated to version 7.2.1 or above and version 7.0.7 or above.

  • FortiSwitchManager should be updated to version 7.2.1 or above.

References

Nov 2024 SwarmCon 8

CovertSwarm Secures Spot in TechRound’s Top 100 for 2024 

We’re buzzing with excitement to share some incredible news—CovertSwarm has been ranked #31 in TechRound’s prestigious Top 100 list for 2024! This recognition underscores the relentless…
an AI image of an onion with an egg inside it.

Is Your Business Secured Like an Egg or an Onion?

Cybersecurity isn’t about building an impenetrable shell; it’s about creating a resilient system that keeps attackers out—or contains them if they get in.

An In-Depth Guide to Remote Desktop Protocol (RDP) 

The continually changing nature of today’s workplace has made remote access technology essential.