Fortinet Patches Critical FortiGate SSL VPN Vulnerability

If you run a FortiGate appliance with SSL VPN enabled, it's time to patch it: a critical vulnerability has been disclosed that, if exploited, can be used to hijack the appliance:

In a recent blog post, researchers at the French security firm Olympe Cyberdefense said the flaw would let a “hostile agent interfere via the VPN, even if the multi-factor authentication was activated.”

The researchers said fixes have shipped in the following FortiOS releases: 7.0.12, 7.2.5, 6.4.13 and 6.2.15 (anything below those numbers on the same branch is unpatched), and that they are waiting for more details, which are expected tomorrow, June 13.
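As an added illustration that is not part of the original post, here is a small Python check that compares an inventory of FortiOS version strings against the four fixed releases listed above. It flags any build below the fix on its branch as vulnerable and refuses to guess for branches the post does not name (those come back as "unknown" and should be checked against the vendor advisory). The hostnames and version strings in the sample inventory are constructed, not real devices.

```python
# Added example (not from the original article): classify FortiOS version
# strings against the fixed releases the article lists for CVE-2023-27997.
import re
from typing import Optional, Tuple

# First patched release per major.minor branch, as reported in the article.
# Branches not listed here are deliberately treated as unknown, not safe.
FIXED_RELEASES = {
    (7, 2): (7, 2, 5),
    (7, 0): (7, 0, 12),
    (6, 4): (6, 4, 13),
    (6, 2): (6, 2, 15),
}

# Accepts "7.0.11", "v7.0.11" or the CLI-style "v7.0.11,build0489 (GA)".
_VERSION_RE = re.compile(r"^v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) for a FortiOS version string, else None."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def assess(version_text: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown' for one version string."""
    v = parse_version(version_text)
    if v is None:
        return "unknown"
    fixed = FIXED_RELEASES.get(v[:2])
    if fixed is None:
        # Branch not named in the article: do not guess, consult the advisory.
        return "unknown"
    # Tuple comparison orders (major, minor, patch) lexicographically.
    return "patched" if v >= fixed else "vulnerable"


def triage(inventory):
    """Map hostname -> verdict for an iterable of (hostname, version) pairs."""
    return {host: assess(ver) for host, ver in inventory}


# Constructed sample inventory: hypothetical hosts and builds for illustration.
SAMPLE_INVENTORY = [
    ("fw-edge-1", "v7.0.11,build0489 (GA)"),  # one build below the 7.0 fix
    ("fw-edge-2", "7.0.12"),                  # exactly the fixed release
    ("fw-dc-1", "v6.4.12"),                   # below the 6.4 fix
    ("fw-dc-2", "7.2.6"),                     # above the 7.2 fix
    ("fw-lab", "6.0.16"),                     # branch not listed in the article
    ("fw-broken", "unknown-build"),           # unparseable string
]

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host:10s} {verdict}")
```

Feed it the output of `get system status` from each box (the version line is accepted as-is) and treat every "vulnerable" or "unknown" result as a device that still needs attention.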

Fortinet's general practice is to release security patches before publicly disclosing critical vulnerabilities, so that customers have time to update before threat actors get hold of the details.

On June 11, Lexfo Security researcher Charles Fol published a tweet confirming the flaw, saying that Fortinet had shipped a patch for CVE-2023-27997, an identifier Fortinet had reserved with MITRE. Fol described it as a pre-authentication RCE reachable on every Fortinet SSL-VPN appliance and advised patching immediately.

Joe Saunders, CEO of RunSafe Security, had this comment:

Chasing patches and developing urgent fixes is a continuously losing battle. We need a way to achieve memory safety in code so we don’t have to play this cat and mouse game in perpetuity.

Given the fact that threat actors will often use information like this to create attacks, I’d get to patching this flaw ASAP to protect your enterprise.
