TT-CSIRT – 440.09.04.25 – Fortinet Security Advisories
Please be advised of the following critical alert regarding multiple vulnerabilities affecting various Fortinet products, including FortiOS, FortiProxy, FortiManager, FortiAnalyzer, FortiVoice, and FortiWeb. These vulnerabilities could allow an unauthenticated attacker in a man-in-the-middle (MITM) position to impersonate the management device. Organizations utilizing affected Fortinet versions are urged to take immediate action.
Impact: Successful exploitation of these vulnerabilities could allow an attacker to:
- Gain unauthorized access to managed Fortinet devices.
- Potentially modify configurations and policies.
- Disrupt normal operations.
- Compromise the security of the affected network.
Affected Versions:
| Version | Affected | Solution |
|---|---|---|
| FortiAnalyzer 7.6 | Not affected | Not Applicable |
| FortiAnalyzer 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiAnalyzer 7.2 | 7.2.0 through 7.2.4 | Upgrade to 7.2.5 or above |
| FortiAnalyzer 7.0 | 7.0.0 through 7.0.11 | Upgrade to 7.0.12 or above |
| FortiAnalyzer 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiAnalyzer 6.2 | 6.2.0 through 6.2.13 | Upgrade to 6.2.14 or above |
| FortiManager 7.6 | Not affected | Not Applicable |
| FortiManager 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiManager 7.2 | 7.2.0 through 7.2.4 | Upgrade to 7.2.5 or above |
| FortiManager 7.0 | 7.0.0 through 7.0.11 | Upgrade to 7.0.12 or above |
| FortiManager 6.4 | 6.4.0 through 6.4.14 | Upgrade to 6.4.15 or above |
| FortiManager 6.2 | 6.2.0 through 6.2.13 | Upgrade to 6.2.14 or above |
| FortiOS 7.6 | Not affected | Not Applicable |
| FortiOS 7.4 | 7.4.0 through 7.4.4 | Upgrade to 7.4.5 or above |
| FortiOS 7.2 | 7.2.0 through 7.2.8 | Upgrade to 7.2.9 or above |
| FortiOS 7.0 | 7.0.0 through 7.0.15 | Upgrade to 7.0.16 or above |
| FortiOS 6.4 | 6.4 all versions | Migrate to a fixed release |
| FortiOS 6.2 | 6.2.0 through 6.2.16 | Upgrade to 6.2.17 or above |
| FortiProxy 7.6 | Not affected | Not Applicable |
| FortiProxy 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiProxy 7.2 | 7.2.0 through 7.2.9 | Upgrade to 7.2.10 or above |
| FortiProxy 7.0 | 7.0.0 through 7.0.15 | Upgrade to 7.0.16 or above |
| FortiProxy 2.0 | 2.0 all versions | Migrate to a fixed release |
| FortiVoice 7.2 | Not affected | Not Applicable |
| FortiVoice 7.0 | 7.0.0 through 7.0.2 | Upgrade to 7.0.3 or above |
| FortiVoice 6.4 | 6.4.0 through 6.4.8 | Upgrade to 6.4.9 or above |
| FortiVoice 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiWeb 7.6 | Not affected | Not Applicable |
| FortiWeb 7.4 | 7.4.0 through 7.4.2 | Upgrade to 7.4.3 or above |
| FortiWeb 7.2 | 7.2 all versions | Migrate to a fixed release |
| FortiWeb 7.0 | 7.0 all versions | Migrate to a fixed release |
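The table above is easiest to act on when it is checked mechanically against an asset inventory rather than read row by row. The following script is an added example written for this advisory; it is not TT-CSIRT or Fortinet tooling. It transcribes the table, compares each inventoried device's version numerically against its branch (handling the "all versions" branches that have no fix and the branches that are not affected), and reports which devices still need an upgrade or migration. The inventory entries and hostnames are constructed sample data.

```python
"""Triage a device inventory against the affected-version table in this advisory.

Added example for the TT-CSIRT advisory (not vendor tooling). Versions are
compared as integer tuples so that e.g. 7.4.10 correctly sorts above 7.4.2.
"""
from typing import Dict, List, Optional, Tuple, Union

Version = Tuple[int, ...]
# Table entry per (product, major.minor branch):
#   None                       -> branch not affected
#   "all"                      -> whole branch affected, no fix; migrate
#   (last_affected, fixed_in)  -> releases up to last_affected are affected
Entry = Union[None, str, Tuple[str, str]]

# Transcribed from the advisory table (FG-IR-24-046).
ADVISORY: Dict[Tuple[str, str], Entry] = {
    ("FortiAnalyzer", "7.6"): None,
    ("FortiAnalyzer", "7.4"): ("7.4.2", "7.4.3"),
    ("FortiAnalyzer", "7.2"): ("7.2.4", "7.2.5"),
    ("FortiAnalyzer", "7.0"): ("7.0.11", "7.0.12"),
    ("FortiAnalyzer", "6.4"): ("6.4.14", "6.4.15"),
    ("FortiAnalyzer", "6.2"): ("6.2.13", "6.2.14"),
    ("FortiManager", "7.6"): None,
    ("FortiManager", "7.4"): ("7.4.2", "7.4.3"),
    ("FortiManager", "7.2"): ("7.2.4", "7.2.5"),
    ("FortiManager", "7.0"): ("7.0.11", "7.0.12"),
    ("FortiManager", "6.4"): ("6.4.14", "6.4.15"),
    ("FortiManager", "6.2"): ("6.2.13", "6.2.14"),
    ("FortiOS", "7.6"): None,
    ("FortiOS", "7.4"): ("7.4.4", "7.4.5"),
    ("FortiOS", "7.2"): ("7.2.8", "7.2.9"),
    ("FortiOS", "7.0"): ("7.0.15", "7.0.16"),
    ("FortiOS", "6.4"): "all",
    ("FortiOS", "6.2"): ("6.2.16", "6.2.17"),
    ("FortiProxy", "7.6"): None,
    ("FortiProxy", "7.4"): ("7.4.2", "7.4.3"),
    ("FortiProxy", "7.2"): ("7.2.9", "7.2.10"),
    ("FortiProxy", "7.0"): ("7.0.15", "7.0.16"),
    ("FortiProxy", "2.0"): "all",
    ("FortiVoice", "7.2"): None,
    ("FortiVoice", "7.0"): ("7.0.2", "7.0.3"),
    ("FortiVoice", "6.4"): ("6.4.8", "6.4.9"),
    ("FortiVoice", "6.0"): "all",
    ("FortiWeb", "7.6"): None,
    ("FortiWeb", "7.4"): ("7.4.2", "7.4.3"),
    ("FortiWeb", "7.2"): "all",
    ("FortiWeb", "7.0"): "all",
}


def parse_version(text: str) -> Version:
    """Turn '7.4.2' into (7, 4, 2); reject anything that is not dotted digits."""
    parts = text.strip().split(".")
    if len(parts) < 2 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable version string: {text!r}")
    return tuple(int(p) for p in parts)


def check(product: str, version: str) -> Tuple[str, str]:
    """Classify one device as affected / fixed / not-affected / unknown-branch
    and return the action the advisory table prescribes for it."""
    v = parse_version(version)
    branch = f"{v[0]}.{v[1]}"
    if (product, branch) not in ADVISORY:
        return ("unknown-branch", f"{product} {branch} not listed; check the vendor advisory")
    entry = ADVISORY[(product, branch)]
    if entry is None:
        return ("not-affected", "no action")
    if entry == "all":
        return ("affected", f"no fix in the {branch} branch: migrate to a fixed release")
    last_affected, fixed_in = entry
    # A bare branch version such as '7.4' sorts below '7.4.2' and is treated as affected.
    if v <= parse_version(last_affected):
        return ("affected", f"upgrade to {fixed_in} or above")
    return ("fixed", "no action")


# Constructed sample inventory (hostname, product, running version); not real assets.
INVENTORY: List[Tuple[str, str, str]] = [
    ("fw-edge-01", "FortiOS", "7.2.8"),
    ("fw-edge-02", "FortiOS", "7.4.5"),
    ("fmg-01", "FortiManager", "7.0.3"),
    ("fpx-01", "FortiProxy", "2.0.14"),
    ("fvc-01", "FortiVoice", "7.2.1"),
    ("faz-01", "FortiAnalyzer", "6.2.14"),
]


def triage(inventory: List[Tuple[str, str, str]]) -> List[Tuple[str, str, str, str, str]]:
    """Return (host, product, version, status, action) for every device, affected first."""
    rows = [(h, p, ver, *check(p, ver)) for h, p, ver in inventory]
    return sorted(rows, key=lambda r: r[3] != "affected")


if __name__ == "__main__":
    for host, product, version, status, action in triage(INVENTORY):
        print(f"{host:12} {product:14} {version:8} {status:14} {action}")
```

Feeding the script a real inventory export is a one-line change to `INVENTORY`; the useful property is that "affected" is decided by numeric comparison against the branch's last affected release, so a device on 7.4.10 is not misclassified by a string compare against 7.4.2, and a device on a branch with no fix is flagged for migration rather than for an upgrade that does not exist.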
Recommendations:
TT-CSIRT strongly recommends that organizations using the identified vulnerable Fortinet products take the following immediate actions:
- Upgrade Immediately: Upgrade all affected Fortinet products to the latest stable versions as recommended in the Fortinet advisory FG-IR-24-046. Refer to the Fortinet Security Bulletins for specific upgrade paths and recommended versions.
- Review Network Controls: Ensure appropriate network segmentation and access controls are in place to limit the potential impact of a successful MITM attack.
- Monitor for Suspicious Activity: Closely monitor network traffic and system logs for any unusual or suspicious activity that may indicate exploitation attempts.
- Educate Personnel: Remind employees about the risks of social engineering and the importance of verifying the authenticity of communications, especially those involving administrative access or configuration changes.
References:
- Fortinet Advisory FG-IR-24-046
- Fortinet Fortigate No certificate name verification for fgfm c… | Tenable®
If you have any queries, comments or require assistance, please feel free to contact TT-CSIRT via contacts@ttcsirt.gov.tt