Breaches Enterprise Vulnerabilities

Update: Attackers actively exploiting recently disclosed authentication bypass vulnerability in FortiOS, FortiProxy and FortiSwitchManager

Key takeaway:  Adversaries can exploit the vulnerability remotely to gain full control of affected systems [297 words]. What: Attackers have begun actively exploiting a critical authentication bypass vulnerability (CVE-2022-40684) that Fortinet privately disclosed last week in its FortiOS, FortiProxy and FortiSwitchManager technologies.  The vulnerability allows a remote, unauthenticated attacker to gain full administrative control of […]

Read More
Enterprise Vulnerabilities

Fortinet warns of critical severity remotely executable authentication bypass vulnerability

Key takeaway: Fortinet products are a popular attacker target. Update now if you have affected versions of FortiOS and FortiProxy in your environment. If you cannot patch immediately disable Internet facing HTTPS Admin till you can.[296 words] What:  A critical authentication bypass vulnerability (CVE-2022-40684) exists in the following FortiOS and FortiProxy versions. FortiOS: From 7.0.0 […]

Read More