Mytech Knowledge Center

Security Alert: FortiOS devices under active exploit

Written by Jonathan Fondell | Dec 12, 2022 10:45:00 PM

Fortinet has just announced that firewall devices running versions of its FortiOS operating system are under active exploit: CVE-2022-42475 allows an unauthenticated attacker to remotely access admin controls from outside the network, posing a serious security threat to unpatched devices.

Fortinet has already released patches that will eliminate the vulnerability in affected devices. Patch these devices as quickly as possible to safeguard yourself against remote attack.

What you should do:

Talk to your IT provider right away and validate whether this vulnerability affects your network. The exploit will only affect certain Fortinet products (listed in the announcement linked above), so your top priority should be to identify whether your organization uses any of them: if it does, you should then move to patch as quickly as possible.

Mytech’s clients do not need to take any further action at this time: we are aware of this vulnerability and are addressing it. If you have any further questions, please don’t hesitate to reach out.

What Mytech is doing:

As stated above, Mytech is already at work ensuring the security of any of our clients who may be affected by this vulnerability. We will continue to work together with our clients to notify them of significant threats and recommend next steps to ensure their continued security.  

---

Although this vulnerability is known and the solution is straightforward, circumstances can change rapidly in any ongoing vulnerability announcement. For future updates, follow our Security Alerts page.