The Australian Cyber Security Centre has issued an alert regarding a vulnerability discovered in Fortinet’s FortiOS VPN.
The ACSC explained that the FortiOS SSL-VPN is used by organisations to allow users to remotely access a company network, including instances where staff are working from home.
Fortinet reported that a heap-based buffer overflow vulnerability found in multiple versions of the VPN could be exploited by a bad actor to gain control of the device and execute unauthorised actions, or to crash the service company-wide.
“A heap-based buffer overflow vulnerability [CWE-122] in FortiOS SSL-VPN may allow a remote unauthenticated attacker to execute arbitrary code or commands via specifically crafted requests,” Fortinet reported.
While the ACSC has said that it is not aware of any instances in which Australian organisations had been impacted by the exploitation of the vulnerability, Fortinet has said that it has been used by bad actors in the wild.
Fortinet’s product security incident response team (PSIRT) has given the vulnerability a CVSS score of 9.3 out of 10, while the ACSC has released the warning as a “high alert”.
Fortinet released an emergency patch for the issue on Monday, which the ACSC has advised businesses to apply “immediately and investigate for signs of compromise”.
The ACSC has said it is currently monitoring the situation and advises those affected to contact them on 1300 292 371. In addition, the Fortinet PSIRT advisory can be found here.