More vulnerabilities published in *UNPATCHED* Fortinet Gear

Another vulnerability, this time with a CVSS 3 base score of either 9.3 or 9.8 (out of 10, both are bad), has been announced in multiple UNPATCHED Fortinet products. Below is the description from the NIST announcement for the vulnerability.

A buffer underwrite (‘buffer underflow’) vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, version 2.0.12 and below and FortiOS-6K7K version 7.0.5, version 6.4.0 through 6.4.10 and version 6.2.0 through 6.2.10 and below allows a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests.

Some things to keep in mind:

  • This vulnerability was discovered by Fortinet during routine, internal testing of their security products.
  • All Cyber Tech Cafe MyIT clients are already patched against these vulnerabilities as part of the MyIT Service.
  • According to the FortiGuard Labs announcement, there are currently no instances where this vulnerability has been exploited in the wild.
  • So far, none of the recent vulnerabilities have been in up-to-date Fortinet products.

Some things you can do:

  • Limit access, specifically to the VPN and Management Interfaces.
    • If this device is not going to be used as a VPN endpoint, simply disable the VPN on the WAN Interface.
    • Disable management on the WAN Interface or, if you need to manage it remotely, leverage the Trusted Hosts option to limit access to only known, trusted hosts.
  • Ensure that your device is up-to-date. With newer versions of FortiOS, this can be automated.
  • Ensure that your device is configured to disallow known malicious traffic and generate alerts for suspicious activity.
  • Ensure that you’re monitoring logs and alerts for things like failed login attempts, successful login attempts and configuration changes.
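As an added example (not part of the original post), the script below shows the kind of log review the last bullet calls for, run over a few constructed FortiOS event-log lines in the device's key=value format. The management network 192.168.1.0/24, the three-failure threshold and every value in the sample lines are assumptions, not data from a real device.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample FortiOS event-log lines in the device's key=value format.
# Addresses, names and times are made up; these are not from a real device.
SAMPLE_LOGS = """\
date=2023-03-08 time=10:15:22 type="event" subtype="system" logdesc="Admin login failed" user="admin" method="https" srcip=203.0.113.5 action="login" status="failed" reason="passwd_invalid"
date=2023-03-08 time=10:15:31 type="event" subtype="system" logdesc="Admin login failed" user="admin" method="https" srcip=203.0.113.5 action="login" status="failed" reason="passwd_invalid"
date=2023-03-08 time=10:15:40 type="event" subtype="system" logdesc="Admin login failed" user="admin" method="https" srcip=203.0.113.5 action="login" status="failed" reason="passwd_invalid"
date=2023-03-08 time=10:16:02 type="event" subtype="system" logdesc="Admin login successful" user="admin" method="https" srcip=203.0.113.5 action="login" status="success" reason="none"
date=2023-03-08 time=10:17:45 type="event" subtype="system" logdesc="Object attribute configured" user="admin" ui="https(203.0.113.5)" action="Edit" cfgpath="system.admin" cfgobj="admin" cfgattr="trusthost1[0.0.0.0 0.0.0.0->203.0.113.0 255.255.255.0]"
date=2023-03-08 time=11:02:10 type="event" subtype="system" logdesc="Admin login successful" user="netops" method="ssh" srcip=192.168.1.20 action="login" status="success" reason="none"
"""

TRUSTED_NETS = [ipaddress.ip_network("192.168.1.0/24")]  # assumed management LAN
FAILED_LOGIN_THRESHOLD = 3                              # failures per (user, source) before alerting
KV_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')        # quoted values may contain spaces

def parse_line(line):
    """Split one FortiOS key=value log line into a dict, stripping quotes."""
    return {m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
            for m in KV_RE.finditer(line)}

def is_trusted(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in TRUSTED_NETS)

def review_events(text):
    """Return (severity, message) findings for the three event classes the post says
    to watch: failed logins, successful logins and configuration changes."""
    findings, failures = [], Counter()
    for line in text.splitlines():
        ev = parse_line(line)
        if ev.get("type") != "event":
            continue
        user, src = ev.get("user"), ev.get("srcip")
        if ev.get("action") == "login" and ev.get("status") == "failed":
            failures[(user, src)] += 1
            if failures[(user, src)] == FAILED_LOGIN_THRESHOLD:
                findings.append(("high", f"{FAILED_LOGIN_THRESHOLD} failed logins for {user} from {src}"))
        elif ev.get("action") == "login" and ev.get("status") == "success":
            # A successful admin login from outside the management LAN deserves a look.
            sev = "high" if src and not is_trusted(src) else "info"
            findings.append((sev, f"login by {user} from {src} via {ev.get('method')}"))
        elif "cfgpath" in ev:
            findings.append(("medium", f"config change by {user} ({ev.get('ui')}): "
                             f"{ev['cfgpath']} {ev.get('cfgobj', '')} {ev.get('cfgattr', '')}"))
    return findings
```

Running `review_events(SAMPLE_LOGS)` on the constructed lines yields one "high" finding for the three failed logins, a "high" for the successful login from the outside address, a "medium" for the trusted-host change, and an "info" for the login from the management LAN.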

Need IT Support for your Home or Business? We’d love to help!

Are you a small to medium sized business looking to leverage technology and enable your business and workforce to work smarter and more efficiently? Do you already have computers, servers, firewalls, VPNs or other technology that you’re not taking full advantage of? Are you looking for an IT Service Provider who understands small to medium sized businesses’ needs and the challenges that we face, and who can work with you to grow your business rather than just sell you time?

Cyber Tech Cafe is an IT Service Company with a focus on helping small to medium businesses get the most out of their technology investment. As a small business ourselves, we understand the challenges you face and have designed our service offerings to help you get the most out of your technology dollar. We offer on-call, as-needed support if you just need a quick fix or an extra set of hands right now. We also offer maintenance plans that we call “MyIT” that are designed to address the most common concerns (patch management, disaster recovery / backup, log review, etc.), that are based on the number of workstations and servers that you have, and that have no term contract. We believe that, if you find value in what we’re doing, you’ll find a way to keep us around without a contract saying that you have to.

If you have questions about the MyIT plans or have an IT need that you need addressed right now, let us know. We look forward to the opportunity to earn your business.

Article Submitted by Nathan J. Underwood, CEH