On October 7, 2022, less than a month after the ProxyNotShell attack that used Microsoft Exchange Server zero-day vulnerability, a Fortinet authentication bypass vulnerability, CVE-2022-40684, was discovered. This vulnerability is being exploited in Fortigate, Fortiproxy, and Fortiswitch Manager among Fortinet products and is particularly found in Firmware 7.x version products. This article analyzes the authentication … Continue reading CVE-2022-40684: Fortinet Authentication Vulnerability That Threatens Fortinet Users