Sequretek Advisory - Remote Authentication Bypass Vulnerability in Fortinet Firewalls

Fortinet released patches for a critical authentication bypass vulnerability tracked as CVE-2022-40684 which allows threat actors to log into unpatched FortiGate devices.

• Fortinet on October 7, released a software update that indicates latest versions of their FortiOS (firewall) and FortiProxy (web proxy) software are vulnerable to CVE2022-40684.

• CVE-2022-40684 is a critical vulnerability that allows remote, unauthenticated attackers to bypass authentication and gain access to the administrative interface of these products.

Sign Up Here for Download