This is different from last week’s warning: https://www.bleepingcomputer.com/news/security/300-000-plus-fortinet-firewalls-vulnerable-to-critical-fortios-rce-bug/
Fortinet is on fire :)
Man, 7.0 has been a hot mess with their WAD. I haven’t upgraded any customer off 6.4 yet. I think I will skip 7.0 and jump straight to 7.2.
I like the hyperbole and all, but can you at least include the critical information? Literally just patch:
The flaw impacts the following FortiOS versions:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.10
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.9
For those unfamiliar, anyone who is patching is already good. The previous two patches fixed this issue, and you should already be patched past this point to mitigate the June 9.8.
LOL! Remind me again how proprietary hardware and software is more secure than open source? Insecurity through obscurity.
It’s not, but that’s not to say that open source software is any more secure just by virtue of being open source. Software needs auditing either way.