Fortinet’s critical bug already exploited in the wild

US cybersecurity firm Fortinet acknowledged threat actors have been exploiting the latest vulnerability plaguing several of the company’s products.

A recently discovered critical vulnerability (CVE-2022-40684) affects several versions of Fortinet’s products, such as FortiOS, FortiProxy, and FortiSwitchManager.

The US cybersecurity giant says the flaw, an authentication bypass using an alternate path or channel, could allow threat actors to access the administrative interface of the three products using specially crafted HTTP or HTTPS requests.

“Fortinet is aware of an instance where this vulnerability was exploited and recommends immediately validating your systems […],” reads the company’s advisory, which also includes a workaround.

Reports of a major bug affecting Fortinet first began circulating on social media on October 7.

Last year, a threat actor allegedly scraped nearly 500,000 Fortinet VPN user credentials from unsecured devices, then shared them on his newly launched hacker forum.

The leaker said that the stolen user credentials, many of which were allegedly valid at the time, were acquired in the summer of 2021 by accessing unprotected devices and exploiting a Fortinet VPN vulnerability that has since been patched.

Fortinet is a multinational cybersecurity company with over 10,000 employees and over $3.3 billion in revenue.
