Affected Products
Version | Affected |
FortiOS 7.4 | 7.4.0 through 7.4.3 |
FortiOS 7.2 | 7.2.0 through 7.2.7 |
FortiOS 7.0 | 7.0.0 through 7.0.13 |
FortiOS 6.4 | 6.4 all versions |
FortiProxy 7.4 | 7.4.0 through 7.4.3 |
FortiProxy 7.2 | 7.2.0 through 7.2.9 |
FortiProxy 7.0 | 7.0.0 through 7.0.16 |
Background
Fortinet, Inc. (Fortinet) is a global leader of cybersecurity solutions and services that provides protection against cyber threats. It is a company that develops and sells security products and solutions, such as firewalls, endpoint security, intrusion prevention systems, web filtering, antivirus, sandbox, and VPN.
FortiGate is a network security device that provides protection against cyber threats. The device can perform various functions, such as, firewall, intrusion prevention system, web content filtering, antivirus, sandbox and VPN and is part of the Fortinet Security Fabric, which integrates different security products and services into a unified and automated platform.
Timeline
- 2023-11-16: IOActive discovers the vulnerability
- 2023-11-22: IOActive informs Fortinet about the identified vulnerability
- 2024-01-12: Fortinet acknowledges the issue
- 2024-04-26: CVE ID pre-reserved by Fortinet
- 2024-07-10: Advisory published by Fortinet
- 2024-07-25: IOActive advisory published