Critical Fortinet Firewall vulnerability

Incident Report for Yorb Limited

Resolved

All clients that have accepted this update have been completed and no further impact has been advised from Fortinet or CertNZ.

If you haven't yet, and would like to organise an update to your firewall, please reach out to support@yorb.tech or call 0800 600 606

More information here: https://www.cert.govt.nz/it-specialists/advisories/fortinet-software-sslv-vpn-remote-code-execution-vulnerability/

Posted Dec 16, 2022 - 08:16 NZDT

Monitoring

We have updated all clients on our Total and Remote support agreements and those that have requested an update. We have notified all other potentially affected clients and will continue to monitor the situation.

If you would like to organise an update to your firewall, please reach out to support@yorb.tech or call 0800 600 606

More information here: https://www.cert.govt.nz/it-specialists/advisories/fortinet-software-sslv-vpn-remote-code-execution-vulnerability/

Posted Dec 14, 2022 - 09:14 NZDT

Update

We are beginning our patching of identified devices for supported clients and those that have requested an update. We will continue to monitor the update progress overnight.

Posted Dec 13, 2022 - 19:19 NZDT

Identified

We are aware of a new Firewall vulnerability on all Fortigates that is being actively exploited in the wild. Fortinet have issued updates and we will be updating all clients on SecureNET, Total Support and Remote Support agreements as soon as practical while we notify all other potentially affected clients.

If you would like to organise an update to your firewall, please reach out to support@yorb.tech or call 0800 600 606

More information here: https://www.cert.govt.nz/it-specialists/advisories/fortinet-software-sslv-vpn-remote-code-execution-vulnerability/

Posted Dec 13, 2022 - 11:28 NZDT