CVE-2022-40684: Fortinet Multiple Products Authentication Bypass

Fortinet Multiple Products Authentication Bypass Vulnerability. Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

• CISA KEV-listed (remediation due 2022-11-01)
• used in ransomware campaigns
• EPSS 94.4% (100.0% percentile)

Browse the CVE database

Read the full analysis on IntelFusions