FortiGate Critical Vulnerability - June 2023
Fortinet have just released the following FortiOS updates for versions 6.0, 6.2 6.4, 7.0, and 7.2 for FortiGate's. At this current time (12/06/23) Fortinet have not disclosed the details of the vulnerability(s) but there is indication of SSL VPN vulnerabilities which is of high concern if you have this feature enabled, as it may allow a remote bad actor to comprise the firewall via the SSL VPN feature and gain access to your environment. This sounds scary and it is, so updating and patching your environment weather it's infrastructure devices or software is critical to preventing such vulnerabilities from being used against you.
If your vDOM is hosted on the vBridge hosted FWaaS platform then we are underway in the patching process so no need to worry, if you have your own FortiGate's we highly recommended upgrading them to the latest release.
The recommended patched versions are as follows:
- 7.2.5
- 7.0.12
- 6.4.13
- 6.2.15
- 6.0.17