CVE-2022-40684

Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests. Vendor/Product: Fortinet Multiple Products. Added to CISA KEV 2022-10-11; required action: Apply updates per vendor instructions.