Description: A critical vulnerability has been identified in FortiOS, specifically in its SSL VPN component. The flaw is categorized under CWE-787 (out-of-bounds write) and presents a significant risk, because it could enable a remote, unauthenticated attacker to execute arbitrary code or commands through specially crafted HTTP requests.
Impact: Exploitation of this out-of-bounds write vulnerability could result in unauthorized execution of code or commands on affected systems, posing a serious threat to their security and integrity. Immediate action is necessary to mitigate this risk and prevent potential exploitation by malicious entities.
Workaround: While developers work on a patch to address this vulnerability, it is crucial to take proactive measures to minimize exposure. As a temporary workaround, we advise disabling SSL VPN functionality. Please note that simply disabling webmode is not considered a valid workaround for this issue.
Note: It has come to our attention that this vulnerability is potentially being actively exploited in the wild. Therefore, it is essential to prioritize remediation efforts and implement additional security measures to safeguard your systems against potential attacks.
| Version | Affected | Solution |
|---|---|---|
| FortiOS 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.6 | Upgrade to 7.2.7 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.13 | Upgrade to 7.0.14 or above |
| FortiOS 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiOS 6.2 | 6.2.0 through 6.2.15 | Upgrade to 6.2.16 or above |
| FortiOS 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiProxy 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiProxy 7.2 | 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
| FortiProxy 7.0 | 7.0.0 through 7.0.14 | Upgrade to 7.0.15 or above |
| FortiProxy 2.0 | 2.0.0 through 2.0.13 | Upgrade to 2.0.14 or above |
| FortiProxy 1.2 | 1.2 all versions | Migrate to a fixed release |
| FortiProxy 1.1 | 1.1 all versions | Migrate to a fixed release |
| FortiProxy 1.0 | 1.0 all versions | Migrate to a fixed release |
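As an added example (not Fortinet's tooling), the following script transcribes the table above into a lookup so an operator can check a fleet's version strings against the affected ranges; it assumes the version is given as a bare `7.0.13` or as a string containing one, and treats a branch that is not listed as unknown rather than safe.

```python
"""Check a FortiOS / FortiProxy version against the advisory's affected ranges."""
import re
from typing import Optional, Tuple

# Transcribed from the advisory table: (product, branch, first, last, fixed).
# fixed=None means the advisory marks the whole branch as affected and
# recommends migrating to a fixed release.
AFFECTED = [
    ("FortiOS", "7.4", "7.4.0", "7.4.2", "7.4.3"),
    ("FortiOS", "7.2", "7.2.0", "7.2.6", "7.2.7"),
    ("FortiOS", "7.0", "7.0.0", "7.0.13", "7.0.14"),
    ("FortiOS", "6.4", "6.4.0", "6.4.14", "6.4.15"),
    ("FortiOS", "6.2", "6.2.0", "6.2.15", "6.2.16"),
    ("FortiOS", "6.0", None, None, None),
    ("FortiProxy", "7.4", "7.4.0", "7.4.2", "7.4.3"),
    ("FortiProxy", "7.2", "7.2.0", "7.2.8", "7.2.9"),
    ("FortiProxy", "7.0", "7.0.0", "7.0.14", "7.0.15"),
    ("FortiProxy", "2.0", "2.0.0", "2.0.13", "2.0.14"),
    ("FortiProxy", "1.2", None, None, None),
    ("FortiProxy", "1.1", None, None, None),
    ("FortiProxy", "1.0", None, None, None),
]


def parse_version(text: str) -> Tuple[int, int, int]:
    """Extract major.minor[.patch] from a version string; missing patch -> 0.
    Assumed input forms: '7.0.13' or a longer string such as 'v7.0.13,build...'."""
    m = re.search(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = m.groups()
    return int(major), int(minor), int(patch or 0)


def check(product: str, version: str) -> Tuple[str, Optional[str]]:
    """Return (status, advice); status is 'affected', 'fixed' or 'unknown'."""
    v = parse_version(version)
    branch = f"{v[0]}.{v[1]}"
    for prod, br, first, last, fixed in AFFECTED:
        if prod.lower() != product.lower() or br != branch:
            continue
        if fixed is None:  # whole branch affected, no in-branch fix
            return "affected", "Migrate to a fixed release"
        if parse_version(first) <= v <= parse_version(last):
            return "affected", f"Upgrade to {fixed} or above"
        return "fixed", None
    # A branch absent from the table is not proven safe; flag it for review.
    return "unknown", "Branch not listed in the advisory; verify manually"
```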