Security Alert: Fortinet Vulnerability
Flaw in cyber security products allows attackers to bypass authentication and gain access to administrative interface
Cyber security company Fortinet recently discovered a vulnerability in three of its products that is being exploited in the wild. At-Bay is now actively monitoring activity related to the vulnerability and notifying affected policyholders to help them quickly mitigate risk.
What is Fortinet?
Fortinet is a cyber security company that develops products such as physical firewalls, antivirus software, intrusion prevention systems, and endpoint security components.
Which Fortinet Products Are Affected?
The following versions of FortiOS, FortiProxy, and FortiSwitch Manager are affected:
At-Bay urges all businesses using any of the affected products to immediately patch the vulnerable software and follow the mitigation methods recommended by Fortinet.
What Is Known About The Fortinet Vulnerability?
The vulnerability is a critical authentication bypass in the FortiOS (firewall), FortiProxy (web proxy), and FortiSwitch Manager products. It allows remote, unauthenticated attackers to bypass authentication and gain access to the administrative interface of these products by sending a specially crafted HTTP/S request.
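Because the flaw hands an unauthenticated attacker the administrative interface, the evidence defenders can look for (alongside patching) is administrative activity that should not have happened: successful admin logins from outside the management network and changes to administrator accounts. The script below is an added example, not At-Bay's or Fortinet's code. It parses constructed log lines written in the key=value style FortiOS uses for event logs (the exact fields are an assumption for this example, not captured device output), and flags such events against an assumed management subnet of 10.10.5.0/24.

```python
"""Triage FortiOS-style admin event logs for unexpected administrative access.

Added example with constructed data; not output from a real device and not
code from At-Bay or Fortinet.
"""
import re
from ipaddress import ip_address, ip_network

# Assumed management subnet from which administrators normally log in.
ADMIN_NETWORKS = [ip_network("10.10.5.0/24")]

# Constructed sample log lines in FortiOS's key=value event-log style. The
# field names mirror that convention, but the exact set of fields is an
# assumption for this example.
SAMPLE_LOGS = """\
date=2022-10-11 time=08:02:17 type="event" subtype="system" logdesc="Admin login successful" user="admin" srcip=10.10.5.20 method="https" action="login" status="success"
date=2022-10-11 time=09:41:03 type="event" subtype="system" logdesc="Admin login successful" user="admin" srcip=198.51.100.77 method="https" action="login" status="success"
date=2022-10-11 time=09:41:40 type="event" subtype="system" logdesc="Object attribute configured" user="admin" srcip=198.51.100.77 cfgpath="system.admin" cfgobj="svc_backup" action="Add" msg="Add system.admin svc_backup"
date=2022-10-11 time=09:42:05 type="event" subtype="system" logdesc="Object attribute configured" user="admin" srcip=198.51.100.77 cfgpath="system.admin" cfgobj="admin" action="Edit" msg="Edit system.admin admin"
date=2022-10-11 time=10:15:22 type="event" subtype="system" logdesc="Admin login successful" user="helpdesk" srcip=10.10.5.31 method="ssh" action="login" status="success"
"""

# key=value pairs; values are either double-quoted (may contain spaces) or bare.
KV_RE = re.compile(r'([\w.-]+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Split one key=value log line into a dict."""
    return {key: (quoted or bare) for key, quoted, bare in KV_RE.findall(line)}


def parse_logs(text):
    """Parse every non-empty line of a log blob."""
    return [parse_line(line) for line in text.splitlines() if line.strip()]


def is_trusted_source(srcip):
    """True when the source address lies inside an allowed management network."""
    try:
        addr = ip_address(srcip)
    except ValueError:
        return False  # unparsable or missing source is treated as untrusted
    return any(addr in net for net in ADMIN_NETWORKS)


def triage(records):
    """Return (rule_name, record) pairs for events worth an analyst's attention.

    Rules:
      login-from-untrusted-source          successful admin login from outside
                                           ADMIN_NETWORKS
      administrator-account-modified       any change under the system.admin
                                           config path (accounts added/edited)
      config-change-from-untrusted-source  any config change from outside
                                           ADMIN_NETWORKS
    """
    findings = []
    for rec in records:
        trusted = is_trusted_source(rec.get("srcip", ""))
        is_login = rec.get("action") == "login" and rec.get("status") == "success"
        is_cfg_change = "cfgpath" in rec
        if is_login and not trusted:
            findings.append(("login-from-untrusted-source", rec))
        if is_cfg_change and rec["cfgpath"].startswith("system.admin"):
            findings.append(("administrator-account-modified", rec))
        if is_cfg_change and not trusted:
            findings.append(("config-change-from-untrusted-source", rec))
    return findings


def summarize(findings):
    """One human-readable line per finding."""
    return [
        f"{rule}: user={rec.get('user')} src={rec.get('srcip')} "
        f"at {rec.get('date')} {rec.get('time')}"
        for rule, rec in findings
    ]


if __name__ == "__main__":
    for line in summarize(triage(parse_logs(SAMPLE_LOGS))):
        print(line)
```

On the constructed sample, the first and last logins come from the management subnet and produce no findings; the login from 198.51.100.77 and the two administrator-account changes that follow it are each flagged. The allowlist and the `system.admin` path are the two knobs to adapt: the allowlist to the real management network, and the path set to whatever configuration objects the organisation treats as sensitive.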
Fortinet released an update on October 3, 2022 indicating that the then-current versions of FortiOS and FortiProxy were vulnerable. The first public report of the vulnerability being successfully exploited came from a group of security researchers on Twitter. Tracked as CVE-2022-40684, the vulnerability is now being widely exploited in the wild.
How At-Bay Is Responding
At-Bay is actively monitoring activity related to the Fortinet vulnerability and working with affected policyholders to help them quickly mitigate risk.
As soon as the Fortinet vulnerability was published, our cyber researchers started assessing the magnitude of the risk and identifying businesses that might be exposed.
After determining exposure and risk, our security team added vulnerability detection to our proprietary security scans and Active Risk Monitoring services to continuously scan for changes in exposure.
We have notified affected At-Bay policyholders to inform them about the Fortinet vulnerability and guide them on how to patch and mitigate the risk based on vendor recommendations.
How Brokers Can Support Clients
At-Bay is continuing to notify policyholders about possible exposure to the Fortinet vulnerability. Even if your client has not received a Security Alert, it’s important for them to check if they’re running vulnerable Fortinet products and patch immediately.
If you have questions or other issues regarding the Fortinet vulnerability, contact our security team at security@at-bay.com.
This article is for informational purposes only. No warranty is given or liability accepted regarding this information. The provisions, exclusions, terms or conditions of the Policy and its endorsements control in all circumstances.