Reference:
Advisory #2022-42
Version:
1.0
Affected software:
FortiOS version 6.0 all versions
FortiOS version 6.2 all versions
FortiOS version 6.4.0 through 6.4.9
FortiOS version 7.0.0 through 7.0.7
FortiOS version 7.2.0 through 7.2.1
FortiProxy version 1.2.0 all versions
FortiProxy version 2.0.0 through 2.0.10
FortiProxy version 7.0.0 through 7.0.6
Type:
Authentication Bypass
CVE/CVSS:
CVE: CVE-2022-35843
CVSSv3: 7.7
https://www.fortiguard.com/psirt/FG-IR-22-255
By successfully exploiting CVE-2022-35843, a remote and unauthenticated attacker can log in to the device by sending a specially crafted Access-Challenge response from the RADIUS server.
CVE-2022-35843 is an SSH authentication bypass affecting multiple versions of FortiOS and FortiProxy. The flaw lies in the SSH login component of both products and results in improper access control when RADIUS authentication is used for that login: the device accepts the crafted Access-Challenge as a successful authentication.
Exploitation requires neither privileges nor user interaction, but the attacker must be able to supply the Access-Challenge response the device receives from its RADIUS server. The vulnerable path is only reachable where RADIUS is used for SSH authentication.
Fortinet recommends upgrading affected software to a fixed release:
Upgrade to FortiOS version 7.2.2 or above
Upgrade to FortiOS version 7.0.8 or above
Upgrade to FortiOS version 6.4.10 or above
Upgrade to FortiProxy version 7.0.7 or above
Upgrade to FortiProxy version 2.0.11 or above
No fixed release is listed for FortiOS 6.0, FortiOS 6.2 or FortiProxy 1.2; devices on those branches remain affected at every patch level and should be moved to one of the fixed branches above.
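The following script is an added example for this advisory and is not CCB or Fortinet code. It transcribes the affected and fixed ranges listed above into a small table and checks version strings against them, including the raw output line of a FortiOS `get system status` command, so that an inventory of devices can be triaged for CVE-2022-35843. The hostnames, build numbers and inventory rows in it are constructed for illustration and do not describe real devices.

```python
"""Assess FortiOS / FortiProxy versions against the CVE-2022-35843 ranges.

Added example for this advisory; it is not CCB or Fortinet code. The branch
table is transcribed from the "Affected software" and "Fortinet recommends"
sections of the advisory. The sample inventory at the bottom is constructed.
"""
import re

# Per (product, branch): the fixed release for that branch, or None when the
# advisory lists no fixed release (FortiOS 6.0/6.2, FortiProxy 1.2), in which
# case every release of the branch is affected. Every release below the fixed
# one is affected (6.4.0-6.4.9, 7.0.0-7.0.7, 7.2.0-7.2.1, 2.0.0-2.0.10, 7.0.0-7.0.6).
BRANCHES = {
    ("FortiOS", (6, 0)): None,
    ("FortiOS", (6, 2)): None,
    ("FortiOS", (6, 4)): (6, 4, 10),
    ("FortiOS", (7, 0)): (7, 0, 8),
    ("FortiOS", (7, 2)): (7, 2, 2),
    ("FortiProxy", (1, 2)): None,
    ("FortiProxy", (2, 0)): (2, 0, 11),
    ("FortiProxy", (7, 0)): (7, 0, 7),
}

# Matches "7.0.5" or "v7.0.5" inside a longer status line.
_VERSION_RE = re.compile(r"\bv?(\d+)\.(\d+)\.(\d+)\b")


def parse_version(text):
    """Extract (major, minor, patch) from a bare version string or from a
    'get system status' line such as 'FortiGate-60F v7.0.5,build0000,000000 (GA)'."""
    m = _VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no version number in {text!r}")
    return tuple(int(x) for x in m.groups())


def fmt(version):
    return ".".join(str(x) for x in version)


def assess(product, text):
    """Return (status, upgrade_to).

    status is 'affected', 'fixed' or 'not_listed' (branch not named in the
    advisory, e.g. a release newer than those listed). upgrade_to is the fixed
    release to move to, or None when the device is already fixed, the branch is
    not listed, or the advisory names no fixed release for that branch."""
    version = parse_version(text)
    fixed = BRANCHES.get((product, version[:2]), "not_listed")
    if fixed == "not_listed":
        return ("not_listed", None)
    if fixed is not None and version >= fixed:
        return ("fixed", None)
    return ("affected", fmt(fixed) if fixed is not None else None)


def scan_inventory(rows):
    """rows: iterable of (hostname, product, version text). Returns the hosts
    still affected, as (hostname, parsed version, recommended upgrade or None)."""
    findings = []
    for host, product, text in rows:
        status, upgrade = assess(product, text)
        if status == "affected":
            findings.append((host, fmt(parse_version(text)), upgrade))
    return findings


# Constructed sample inventory (hostnames and build numbers are invented).
SAMPLE = [
    ("fw-edge-01", "FortiOS", "FortiGate-60F v7.0.5,build0000,000000 (GA)"),
    ("fw-edge-02", "FortiOS", "FortiGate-100F v7.0.8,build0000,000000 (GA)"),
    ("fw-lab", "FortiOS", "FortiGate-VM64 v6.2.12,build0000,000000 (GA)"),
    ("proxy-01", "FortiProxy", "v2.0.10"),
    ("fw-new", "FortiOS", "v7.4.0"),
]

if __name__ == "__main__":
    for host, version, upgrade in scan_inventory(SAMPLE):
        action = f"upgrade to {upgrade}" if upgrade else "no fixed release listed for this branch"
        print(f"{host}: {version} affected by CVE-2022-35843; {action}")
```

Branches newer than those in the advisory (for example 7.4) are reported as `not_listed` rather than silently treated as safe, so that a reviewer decides rather than the script. The comparison is done on integer tuples, which avoids the classic string-comparison mistake where "6.4.9" sorts after "6.4.10".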