Actively exploited Fortinet vulnerability now has PoC exploit

Immediate patching of a recently reported and actively exploited critical vulnerability in Fortinet FortiOS, FortiSwitchManager, and FortiProxy, has been further urged following the release of a proof-of-concept exploit code, according to The Hacker News. Threat actors could exploit the flaw, tracked as CVE-2022-40684, to conduct various malicious operations through personalized HTTP(S) requests. "After multiple notifications from Fortinet over the past week, there are still a significant number of devices that require mitigation, and following the publication by an outside party of POC code, there is active exploitation of this vulnerability," said Fortinet. As of Thursday, the bug has been leveraged by a dozen unique IP addresses, most of which are in Germany, the U.S., Brazil, China, and France, noted GreyNoise. Moreover, WordFence detected that Fortinet devices are being attempted to be scanned by 21 different IP addresses. Federal agencies have already been urged by the Cybersecurity and Infrastructure Security Agency to remediate the flaw by Nov. 1.