![]() ![]() The vulnerability was resolved by Fortinet’s version 7.0.7 and 7.2.2 releases on Thursday, October 6, 2022. Based on historical precedent and the privileges obtained by exploiting this vulnerability, Arctic Wolf predicts threat actors will likely develop a proof of concept exploit and exploit it in the near future. ![]() ![]() Fortinet vulnerabilities have historically been exploited by threat actors to gain initial access and move laterally within a victim’s environment, according to CISA’s Known Exploited Vulnerabilities Catalog. With just a specially crafted HTTP/S request, remote, unauthenticated attackers can bypass authentication and gain access to these products’ administrative interface without authentication. The FortiOS (firewall) and FortiProxy (web proxy) software from Fortinet was updated on October 3, 2022, and it was revealed that CVE-2022–40684 is vulnerable to then-current versions. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |