Fortinet在2022年10月6日針對CVE-2022-40684漏洞,發佈了FortiOS「7.0.7」及「7.2.2」韌體,該漏洞是一個嚴重的身份驗證繞過漏洞,管理人員應盡快更新。
tenable官網針對該漏洞說明:
https://www.tenable.com/blog/cve-2022-40684-critical-authentication-bypass-in-fortios-and-fortiproxy
Fortinet官網對FortiOS 7.0.7版本修復說明:
https://docs.fortinet.com/document/fortigate/7.0.7/fortios-release-notes/289806/resolved-issues
Fortinet官網對FortiOS 7.2.2版本修復說明:
https://docs.fortinet.com/document/fortigate/7.2.2/fortios-release-notes/289806/resolved-issues