Yikes! Critical FortiSwitch flaw lets hackers change admin passwords remotely

Fortinet FortiSwitch owners should be patching their gear ASAP as the company has released security patches for a critical vulnerability in FortiSwitch devices that can be exploited to change administrator passwords remotely.
You can find out more details here: PSIRT | FortiGuard Labs
Martin Jartelius, CISO at Outpost24, had this to say:
“There are a few rules of thumb. DO NOT expose administrative interfaces to the internet if you can avoid this. While this flaw allows a password change, for those who expose their devices to untrusted networks, the quality of passwords is also important, because already today there is the risk of attacks against weak passwords.”
“We help companies fight both of those issues: password quality is the most user-centric, and EASM allows organizations to find those devices and fix the exposure, because exposure is risk, vulnerability or not. If the attackers cannot reach the device, you have a substantially less stressful morning fixing this issue. Also, praise to Fortinet, who found, fixed, and disclosed the issue openly.”
This is one of those situations where you should drop what you are doing and patch everything ASAP. I say that because there are a lot of these devices online, which means every single one is a target for threat actors.
This entry was posted on April 10, 2025 at 12:30 pm and is filed under Commentary with tags Fortinet. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.