Patch All The FortiGate Firewalls
There Are Still More Than 338,000 Unpatched FortiGate Firewalls
You might not personally own or work with a FortiGate firewall VPN devices but you can be sure that you interact with several while you are browsing the web. Unfortunately there is also a good chance that they are currently vulnerable to a serious exploit as well over a quarter million of the devices remain unpatched. This is bad news not just for your bank, content provider or online store but is also bad news for you.
When you are using a VPN you like to think your packets are travelling through secure hardware, but sadly this bug is being exploited in the wild. It allows an attacker to trigger remote code execution on the device, which can be used to give them complete control over network traffic. This could allow you to be redirected to an imposter site, without any sign on your end as the VPN connection itself will remain active and all will look good on your end.
The patch has been available for almost a month now, unfortunately there are a large number of devices which have yet to be patched. Hopefully the number of unpatched devices will fall quickly, but for now be extra careful out there.
Fortinet did not respond to The Register's inquiries about how many products remain unpatched.
More Tech News From Around The Web
- Mystery Intel bug halts shipments of some Sapphire Rapids Xeons @ The Register
- Microsoft denies data breach, theft of 30 million customer accounts @ Bleeping Computer
- AMD CPU Use Among Linux Gamers Approaching 70% Marketshare @ Slashdot
- Microsofties still digesting pay freeze upset by Nadella’s ‘landmark year’ memo @ The Register
- Microsoft Seems To Think We’re Getting a PS5 Slim This Year @ Slashdot
- Sodola 8-port 2.5GbE and 1-port 10GbE Switch @ ServeTheHome
- The link rot spreads: GIF-hosting site Gfycat shutting down Sept. 1 @ Ars Technica
Okay, so how can we users determine that we are going through a Fortinet firewall? And how can we tell if it’s been patched?
IF you are really good with nmap or Wireshark you might be able to determine the hardware you are passing through. Chances are good it is Fortinet but short of finding and trying to use the exploit I can’t think of way to detect the patch.