Cybersecurity solutions provider Fortinet has warned that a recently patched high-risk authentication bypass vulnerability is being exploited by hackers.
Tracked as CVE-2022-40684, the vulnerability is an authentication bypass issue, which exists due to missing authentication within the administrative web interface and could be used by a remote attacker to compromise an affected device. The issue impacts the following solutions: FortiOS version 7.2.0 through 7.2.1, FortiOS version 7.0.0 through 7.0.6, FortiProxy version 7.2.0, FortiProxy version 7.0.0 through 7.0.6, FortiSwitchManager version 7.2.0, and FortiSwitchManager version 7.0.0.
Fortinet said in its security advisory that it is aware of one instance where the vulnerability was exploited and recommended customers to check their systems for the presence of the following indicator of compromise in the device's logs: user="Local_Process_Access."
The company has also provided a workaround for customers who cannot immediately update their devices to the latest versions of software.