
Advisory: FortiOS / FortiProxy / FortiSwitchManager Vulnerability Advisory



Fortinet has released a security update to address a vulnerability affecting its appliances (CVE-2022-40684).
Affected systems
CVE-2022-40684 is a critical authentication bypass vulnerability affecting FortiOS / FortiProxy / FortiSwitchManager.
Security Risks
This vulnerability may allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. For the full advisory addressing this vulnerability, refer to Fortinet’s security advisories.
Recommended Actions
The National Cyber Security Authority (NCSA) strongly recommends that system administrators:
  1. Follow the advisory shared by Fortinet and apply suggested mitigations to lower the risk of vulnerability exploitation.
  2. Apply the required and latest security updates as soon as possible.
  3. Before any updating task, please ensure you have a recent backup that can easily be restored.
For further information and support, please contact NCSA by email at or call us on 9009.
Fortinet’s Public Advisory
Fortinet’s Update regarding CVE-2022-40684



17 October 2022

© 2024 National Cyber Security Authority