In recent days, a critical security flaw has been unearthed in Fortinet SSL VPN, an integral component of Fortinet Firewall devices. This vulnerability has sent shockwaves through the cybersecurity community as it exposes systems to the risk of remote code execution by unauthenticated attackers.
Over the past few years, we've witnessed a concerning trend of exploits targeting firewall manufacturers. This latest vulnerability is particularly worrisome as it can be exploited without authentication and is easily detectable through internet scanning.
If your organization relies on Fortinet SSL VPN, it's crucial to take immediate action to safeguard your systems. Here's what you need to know:
Recommended Action Plan:
Firmware Update: Fortinet has issued a PSIRT advisory urging users to update to a secure firmware version. While this update is minor, it does require a system reboot. We'll work with you to schedule this reboot to minimize disruption, with an anticipated downtime of around 10 minutes.
If a reboot is not feasible at the moment…
Disable SSL VPN: As a temporary measure, we recommend disabling your SSL VPN until the necessary update can be applied. However, please note that remote usage will not be possible until the update is implemented.
Our team is proactively reaching out to our clients to schedule these updates. We aim to push these updates as soon as possible.
It's worth mentioning that if your organization does not utilize Fortinet devices, no action is required. However, it's prudent to review the necessity of enabling SSL VPN on any firewall with your IT team to mitigate potential vulnerabilities.
We understand that addressing security vulnerabilities can be daunting, but your attention to this matter is paramount. Should you have any questions or require further clarification, please don't hesitate to contact us. We will continue to provide any updates here.
Until next time, stay productive, and secure!
Here are some additional resources you may be interested in: