Image: Getty Images

The Cybersecurity and Infrastructure Security Agency (CISA) has added a Fortinet critical flaw to its known exploited vulnerabilities catalog.   

CISA on Tuesday added the flaw to the KEV catalog, a day after Fortinet revealed an authentication bypass CVE-2022-40684 that it patched last week was already being exploited in the wild.

Privacy

• How to delete yourself from internet search results and hide your identity online
• The best browsers for privacy
• Samsung's smartphone 'Repair Mode' stops technicians from viewing your photos
• Are period tracking apps safe?

"Fortinet is aware of an instance where this vulnerability was exploited, and recommends immediately validating your systems against the following indicator of compromise in the device's logs," Fortinet said. 

Also:The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

The firm has released updates for FortiOS, FortiProxy and FortiSwitchManager to address the flaw, which affects several of its security appliances.

"An authentication bypass using an alternate path or channel vulnerability [CWE-288] in FortiOS, FortiProxy and FortiSwitchManager may allow an unauthenticated atttacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests."

However, for customers that can't apply updates immediately, it has also provided workarounds to disable HTTP/HTTPS administrative interface or limit IP addresses that can reach the administrative interface. 

Separately, CISA on Tuesday also added the Windows flaw CVE-2022-41033 to its KEV catalog. Microsoft released an update for it on Tuesday to address a Windows COM+ Event System Service elevation of privilege vulnerability. Microsoft confirmed it had been exploited but noted that the vulnerability had not been publicly disclosed. 

CISA has ordered federal agencies to apply fixes for both flaws by November 1. 

Security researchers with the Horizon3 Attack Team have published early indicators of compromise to help admins discover compromised devices.

Security

8 habits of highly secure remote workersHow to find and remove spyware from your phoneThe best VPN services: How do the top 5 compare?How to find out if you are involved in a data breach -- and what to do next

• 8 habits of highly secure remote workers
• How to find and remove spyware from your phone
• The best VPN services: How do the top 5 compare?
• How to find out if you are involved in a data breach -- and what to do next