{"id":33115,"date":"2024-02-08T19:12:36","date_gmt":"2024-02-08T18:12:36","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=33115"},"modified":"2024-02-08T19:12:36","modified_gmt":"2024-02-08T18:12:36","slug":"critical-fortios-bug-feb-8-2024","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2024\/02\/08\/critical-fortios-bug-feb-8-2024\/","title":{"rendered":"Critical FortiOS-Bug (Feb. 8., 2024)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" title=\"Sicherheit (Pexels, allgemeine Nutzung)\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2021\/04\/Sicherheit_klein.jpg\" alt=\"Sicherheit (Pexels, allgemeine Nutzung)\" width=\"200\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2024\/02\/08\/critical-fortios-bug-8-feb-2024\/\" target=\"_blank\" rel=\"noopener\">German<\/a>]A very brief note, which was also pointed out to me by a blog reader. Forti has re-released all FortiOS versions on February 8, 2024. The release notes do not say what has been fixed in these versions. The reader confirmed my suspicion off the record that there is another critical SSLVPN bug.<\/p>\n<p><!--more--><\/p>\n<p>Nothing is currently being published to prevent attackers from exploiting the vulnerability. The colleagues from Bleeping Computer have published <a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/fortinet-warns-of-new-fortisiem-rce-bugs-in-confusing-disclosure\/\" target=\"_blank\" rel=\"noopener\">this article<\/a> with a list of updates.<\/p>\n<p>A second reader wrote to me (with reference to t<a href=\"https:\/\/www.reddit.com\/r\/fortinet\/comments\/1alaprv\/firmware_releases_incoming\/\" target=\"_blank\" rel=\"noopener\">his reddit.com<\/a> post): T<em>here are firmware upgrades for Fortinet down to version 6.2 (which is actually no longer supported at all). What exactly is patched is unclear, but often the release notes with the security details about vulnerabilities are only filled a few days later by Fortinet.<\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]A very brief note, which was also pointed out to me by a blog reader. Forti has re-released all FortiOS versions on February 8, 2024. The release notes do not say what has been fixed in these versions. The reader &hellip; <a href=\"https:\/\/borncity.com\/win\/2024\/02\/08\/critical-fortios-bug-feb-8-2024\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,1547],"tags":[69,1544],"class_list":["post-33115","post","type-post","status-publish","format-standard","hentry","category-security","category-software","tag-security","tag-software"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33115","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=33115"}],"version-history":[{"count":1,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33115\/revisions"}],"predecessor-version":[{"id":33116,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/33115\/revisions\/33116"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=33115"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=33115"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=33115"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}