Fortinet has warned customers to patch an authentication bypass vulnerability, CVE-2022-40684, which can allow a threat actor to log on to unpatched FortiGate firewalls and FortiProxy web proxies. The complete list of Fortinet products vulnerable to attacks includes:
- FortiOS: From 7.0.0 to 7.0.6 and from 7.2.0 to 7.2.1
- FortiProxy: From 7.0.0 to 7.0.6 and version 7.2.0
A Shodan search indicates that more than 100,000 FortiGate firewalls are reachable from the internet, but it is unknown whether their management interfaces are also exposed. Fortinet has released FortiOS and FortiProxy versions 7.0.7 and 7.2.2 to patch this vulnerability and has advised all customers to update their devices via both a public bulletin and email. Additionally, the company provided a workaround for those who cannot immediately patch this vulnerability, advising them to limit the IP addresses that can reach the administrative interface using a local-in-policy.