WARNING: Active Exploitation in FortiOS SSL-VPN

Fortinet has released a patch for an actively exploited bug in FortiOS SSL-VPN that may allow an unauthenticated remote attacker to execute arbitrary code or commands via specifically crafted requests.
Fortinet (1)
Please ensure your FortiGate’s are patched to the following recommendations: 
 
FortiOS version 7.2.3 or above
FortiOS version 7.0.9 or above
FortiOS version 6.4.11 or above
FortiOS version 6.2.12 or above
FortiOS-6K7K version 7.0.8 or above
FortiOS-6K7K version 6.4.10 or above
FortiOS-6K7K version 6.2.12 or above
FortiOS-6K7K version 6.0.15 or above
 
To read the full PSIRT Advisory from Fortinet, click here. For a technical summary from BleepingComputer, click here.

Please contact our support team if you have any questions or need assistance in closing down this exploit with a Firmware upgrade.

WARNING: Active Exploitation in FortiOS SSL-VPN
LinkedIn
Facebook
Twitter