Bern, 17 October 2022: The critical Fortinet vulnerability CVE-2022-40684, which has been publicly known for ten days, allows hackers to log into vulnerable systems with administrator rights. The latest measurements conducted with Dreamlab Technologies’ “CyObs” solution revealed that the IT infrastructures of 533 Swiss companies are still unpatched. Several telecommunications providers, ISPs and electric power companies are among the vulnerable companies. Fast action is urgently needed.
Fortinet warned on 6 October and 10 October 2022 that the documented vulnerability CVE-2022-40684, a “Critical Authentication Bypass”, affects its three products FortiOS, FortiProxy and FortiSwitchManager. The vulnerability has a high CVSS (Common Vulnerability Scoring System) score of 9.6 and allows attackers to log into the affected system with administrator rights. On 13 October 2022, Horizon3 researchers showed how the vulnerability could be exploited.
On 15 October 2022, the cyber radar system “CyObs” developed by Dreamlab Technologies identified 533 unprotected Fortinet devices in Switzerland (see figure). CyObs regularly performs systematic scans of the Swiss Internet infrastructure and compares the results with the CVE (Common Vulnerabilities and Exposures) database.
Since the criminal exploitation of the vulnerability could lead to major damage, Dreamlab Technologies informed all 533 affected companies in Switzerland directly on 17 October 2022.
The Swiss companies affected include several telecommunications providers, ISPs, electricity companies and manufacturing companies. Dreamlab Technologies urges affected companies to patch their Fortinet infrastructures as soon as possible. There is reason to assume that criminal organizations will target Swiss infrastructures with this vulnerability in the next few days.
Further information:
https://www.fortinet.com/blog/psirt-blogs/update-regarding-cve-2022-40684
https://www.fortiguard.com/psirt/FG-IR-22-377
https://dreamlab.net/en/blog/
About the CyObs cyber radar system
CyObs is a high-precision cyber radar system developed by Dreamlab Technologies, which demonstrably minimizes attack surfaces in the cyber dimension. CyObs provides complete coverage of a nation’s cyberspace, including dependencies and interfaces, reliable diagnostics with real-time recommendations, systematic analysis of cyberattacks and fully automatic scans, supplemented by precise measurements.
Further information about CyObs: https://cyobs.com/
Figure: On 15 October 2022, ten days after Fortinet’s initial warning, CyObs still identified 533 Swiss Fortinet systems vulnerable to the critical vulnerability CVE-2022-40684 (CyObs radar system, Dreamlab Technologies AG, Bern, www.dreamlab.net and www.cyobs.ch).