If you purchase via links on our site, we may receive affiliate commissions.

Fortinet’s critical bug already exploited in the wild

Updated on: 11 October 2022

Vilius Petkauskas
Senior Journalist

Image by Shutterstock.

US cybersecurity firm Fortinet acknowledged threat actors have been exploiting the latest vulnerability plaguing several of the company’s products.

A recently discovered critical vulnerability (CVE-2022-40684) affects several versions of Fortinet’s products, such as FortiOS, FortiProxy, and FortiSwithManager.

The US cybersecurity giant claims that an authentication bypass using an alternate path or channel vulnerability in its three products could allow threat actors to access the administrative interface using specially made HTTP or HTTPS requests.

“Fortinet is aware of an instance where this vulnerability was exploited and recommends immediately validating your systems […],” reads the company’s advisory, which also includes a workaround.

First reports of a major bug affecting Fortinet began circulating on October 7, when reports of a vulnerability began circulating on social media.

Last year, a threat actor allegedly scraped nearly 500,000 Fortinet VPN user credentials from unsecured devices, then shared them on his newly launched hacker forum.

The leaker said that the stolen user credentials, many of which were allegedly valid at the time, were acquired in the summer of 2021 by accessing unprotected devices and exploiting a Fortinet VPN vulnerability that has since been patched.

Fortinet is a multinational cybersecurity company with over 10,000 employees, boasting over $3.3 billion revenue.