Fortinet Authentication bypass on administrative interface
Description
A critical authentication bypass vulnerability exists in multiple Fortinet products that lets an unauthenticated remote attacker obtain administrative access without valid credentials. By sending specially crafted HTTP or HTTPS requests to the administrative interface, an attacker can bypass the authentication checks that normally protect it and perform administrative operations, including configuration changes, with the same effect as a logged-in administrator. Affected versions are FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. Because the administrative interface is the control plane of the device, a bypass of its authentication is a full compromise of the appliance, and any instance whose management interface is reachable from an untrusted network should be treated as exposed.
Remediation
Upgrade to a fixed release immediately:
For FortiOS:
• Upgrade to version 7.2.2 or later if running 7.2.x
• Upgrade to version 7.0.7 or later if running 7.0.x
For FortiProxy:
• Upgrade to version 7.2.1 or later if running 7.2.0
• Upgrade to version 7.0.7 or later if running 7.0.x
For FortiSwitchManager:
• Upgrade to version 7.2.1 or later if running 7.2.0
• Upgrade to version 7.0.1 or later if running 7.0.0
Immediate Mitigation Steps (if the upgrade cannot be performed right away):
• Restrict access to the HTTP/HTTPS administrative interface to trusted management IP addresses only, using local-in policies (or an upstream firewall); a local-in policy filters traffic destined for the device itself, which is what is needed here
• Remove HTTP/HTTPS administrative access from internet-facing (WAN) interfaces
• Allow administrative access only from dedicated management networks
• Monitor administrative and event logs for authentication attempts and configuration changes that do not correspond to a known administrator session
Verify the upgrade by confirming the running version in the system information page or with the CLI, then review the event logs for activity that may have occurred before remediation. Fortinet's advisory identifies log entries carrying user="Local_Process_Access" as an indicator of exploitation; any administrative action attributed to that user, and any configuration change, new administrator account, or SSH key you cannot attribute to a known administrator, should be treated as evidence of compromise and investigated before the device is returned to service.
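The commands below are an added example of the verification step, not part of the original page or of Fortinet's documentation. They print the running version and then pull event-log entries attributed to the Local_Process_Access user, which is the indicator the vendor advisory names; the 7.2.2 version string in the comment is the expected result for a 7.2.x device and is illustrative only.

```fortios
# Added example. Run from the FortiOS CLI after the upgrade.
# Expected first line for a 7.2.x device: "Version: ... v7.2.2 ..."
get system status
# Narrow the log view to event logs (category 1), then to entries whose
# user field is Local_Process_Access, and display what matches.
# Any administrative action shown here that you cannot tie to a known
# administrator session is grounds for an incident investigation.
execute log filter category 1
execute log filter field user Local_Process_Access
execute log display
```

If logs are forwarded to FortiAnalyzer or a SIEM, run the same user filter there as well, since an attacker with administrative access can clear local logs.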