Over Two-Thirds of FortiGate Firewalls Still at Risk
Bishop Fox said they have successfully developed an exploit for the vulnerability
Stay secure with our latest firewall updates, trends, and expert insights in information security to protect your digital assets effectively.
Search across headline titles and summaries.
Background for this topic.
Firewalls are security controls that permit or block network connections according to policy. They can operate at network boundaries, between internal segments, on individual hosts, or in cloud environments. Basic rules use addresses, ports, protocols, and connection state; more advanced firewalls may inspect applications or encrypted traffic where configured. Their purpose is to limit which systems can communicate, not to determine that all permitted traffic is safe.
Security depends heavily on accurate policy and maintenance. Overly broad, obsolete, or conflicting rules can expose services or allow unnecessary lateral movement, while unmanaged administrative interfaces and unpatched firewall software create additional attack surfaces. Practitioners should restrict management access, apply least-privilege rules, review and remove exceptions, and monitor logs for unexpected connections and policy changes. Firewall logs can support investigation, but encryption, evasion, and traffic allowed by policy may limit what the control can detect.
Bishop Fox said they have successfully developed an exploit for the vulnerability
No less than 330000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical security flaw affecting Fortinet devices that have come under active exploitation in the wild
That's a vulnerability that's under attack, fix available ... cancel those July 4th plans, perhaps? More than 338,000 FortiGate firewalls are still unpatched and vulnerable to CVE-2023-27997, a critical bug Fortinet fixed last month that's being exploited in the wild.…
Hundreds of thousands of FortiGate firewalls are vulnerable to a critical security issue identified as CVE-2023-27997, almost a month after Fortinet released an update that addresses the problem. [...]