PSIRT Blogs
Analysis of Threat Actor Data Posting
This blog analysis regarding a recent threat actor posting, which claims to offer compromised configuration and VPN credentials from FortiGate devices, provides factual information to help our customers better understand the situation and make informed decisions.
Proactive, Responsible Disclosure Is One Crucial Way Fortinet Strengthens Customer Security
The cybersecurity industry continues to grow and mature. As a part of this process, we must collectively raise the topic of—and discuss the need for—ethical rules for handling the disclosure of vulnerabilities, especially given the many benefits of providing such intelligence in protecting customers against cyber adversaries.
The Importance of Patching: An Analysis of the Exploitation of N-Day Vulnerabilities
An analysis of the exploitation of resolved N-Day Fortinet vulnerabilities by an unknown actor.
Analysis of CVE-2023-27997 and Clarifications on Volt Typhoon Campaign
Today, Fortinet published a CVSS Critical PSIRT Advisory (FG-IR-23-097 / CVE-2023-27997) along with several other SSL-VPN related fixes. This blog adds context to that advisory, providing our customers with additional details to help them make informed, risk-based decisions, and provides our perspective relative to recent events involving malicious actor activity.
Analysis of FG-IR-22-369
A following write-up that details Fortinet's investigation into the incident that led to the discovery of FG-IR-22-369 and additional IoCs identified during our ongoing analysis.
Perspectives: FortiNAC and CVE-2022-39952
Fortinet published a Critical Advisory (FG-IR-22-300 / CVE-2022-39952) for FortiNAC on February 16, 2023. This article adds perspective to that Advisory to provide customers with additional and accurate details.
Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd
Fortinet published CVSS: Critical advisory FG-IR-22-398 / CVE-2022-42475 on Dec 12, 2022. This blog details our initial investigation into this malware and additional IoCs identified during our ongoing analysis. Read more.
Update Regarding CVE-2022-40684
Fortinet recently distributed a PSIRT advisory regarding CVE-2022-40684 that details urgent mitigation guidance. Fortinet strongly urges potentially affected customers to immediately update their FortiOS, FortiProxy, and FortiSwitchManager products.
Apache Log4j Vulnerability
Read for an update from Fortinet about the Apache Log4j vulnerability, including protections and mitigating issues. It is critical that organizations take immediate action to inventory systems and prioritize remediation.
Fortinet and Expiring Let’s Encrypt Certificates
Read more for an update from Fortinet about Let’s Encrypt certificates as well as how Fortinet is working to improve certificate validation.
