Warning: FortiGate FortiOS Vulnerabilities

FortiGate FortiOS Vulnerabilities

Digicorp has just been alerted to newly discovered vulnerabilities in the FortiGate FortiOs versions listed below.

FortiOS versions 7.0.0 through 7.0.13 should be patched to the latest point release of 7.0.14.

FortiOS versions 7.2.0  through 7.2.6 should be patched to FortiOS version 7.2.7.

FortiOS versions 7.4.0  through 7.4.2 should be patched to FortiOS version 7.4.3.

FortiOS Versions 6.4.X and earlier should be patched to version 6.4.15.

It is our recommendation to upgrade your firewall(s) to the recommended version or higher as soon as possible to shut down these vulnerabilities. We expect the upgrade process to take 30-60 minutes, depending on your current installed version. If your FortiGate is several versions behind, this process may take longer to install each required intermediate version to reach the recommended safe version. A reboot of the FortiGate is required after each version is applied, which will interrupt functionality during the reboot process.

Need Help Patching?

Please fill out the following form or contact our Support Center directly to coordinate scheduling the applying the appropriate patched version.

Additional Information

The information regarding the discovered vulnerabilities can be found in the following FortiNet articles.

1. SSLVPN

  • Link to FortiGuard PSIRT article: https://www.fortiguard.com/psirt/FG-IR-24-015
  • CVSSv3 score – 9.6/10.
  • Fortinet indicates this is potentially being exploited in the wild.
  • Workaround – disable SSLVPN completely.
  • Affects: All existing versions, from 6.0 – 7.4 except latest patches below.
    • Safe: 6.2.16; 6.4.15; 7.0.14; 7.2.7; 7.4.3. Note – there is no patch for 6.0.

2. FGFMD

  • Link to FortiGuard PSIRT article: https://www.fortiguard.com/psirt/FG-IR-24-029
  • CVSSv3 score – 9.8/10.
  • Fortinet does not indicate how this is attacked or if there are any workarounds.
  • Affects: All existing versions, from 6.0 – 7.4 except latest patches below.
    • Safe: 6.2.16; 6.4.15; 7.0.14; 7.2.7; 7.4.3. Note – there is no patch for 6.0.
LinkedIn
Facebook
Twitter