Detections
Analytics

CVE-2022-40684

critical

Description

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version 7.0.0 through 7.0.6 and FortiSwitchManager version 7.2.0 and 7.0.0 allows an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.

References

https://www.securityweek.com/are-threat-groups-belsen-and-zerosevengroup-related/

https://www.bleepingcomputer.com/news/security/hackers-leak-configs-and-vpn-credentials-for-15-000-fortigate-devices/

https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-215a

https://www.tenable.com/cyber-exposure/tenable-2022-threat-landscape-report

https://www.horizon3.ai/attack-research/attack-blogs/fortinet-iocs-cve-2022-40684/

https://www.tenable.com/blog/cve-2025-64155-exploit-code-released-for-critical-fortinet-fortisiem-command-injection

https://www.tenable.com/blog/cve-2025-64446-fortinet-fortiweb-zero-day-path-traversal-vulnerability-exploited-in-the-wild

https://www.tenable.com/blog/cve-2025-25256-proof-of-concept-released-for-critical-fortinet-fortisiem-command-injection

https://www.tenable.com/blog/cve-2025-32756-zero-day-vulnerability-in-multiple-fortinet-products-exploited-in-the-wild

https://www.tenable.com/blog/cve-2024-55591-fortinet-authentication-bypass-zero-day-vulnerability-exploited-in-the-wild

https://www.tenable.com/blog/cve-2023-48788-critical-fortinet-forticlientems-sql-injection-vulnerability

https://www.tenable.com/blog/cve-2024-21762-critical-fortinet-fortios-out-of-bound-write-ssl-vpn-vulnerability

https://www.tenable.com/blog/aa23-215a-2022s-top-routinely-exploited-vulnerabilities

https://www.tenable.com/blog/cve-2023-27997-heap-based-buffer-overflow-in-fortinet-fortios-and-fortiproxy-ssl-vpn-xortigate

https://www.tenable.com/blog/cve-2022-40684-critical-authentication-bypass-in-fortios-and-fortiproxy

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40684

https://fortiguard.com/psirt/FG-IR-22-377

http://packetstormsecurity.com/files/171515/Fortinet-7.2.1-Authentication-Bypass.html

http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html

Details

Source: Mitre, NVD

Published: 2022-10-18

Updated: 2026-01-14

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.94427