This is different from last week’s warning: https://www.bleepingcomputer.com/news/security/300-000-plus-fortinet-firewalls-vulnerable-to-critical-fortios-rce-bug/
Fortinet is on fire :)
Man, 7.0 has been a hot mess with their WAD. I haven’t upgraded any customer off 6.4 yet. I think I will skip 7.0 and jump straight to 7.2.
There’s been issues with the WAD process using up memory until the unit goes into conserve mode since I was on 6.0.6. I started running a script to restart the process twice daily and have never had a problem since. I just upgraded from 6.4.13 to 7.0.12 a few weeks ago and I’ve left the script to run on every upgrade since 6.0.6. I’ve never disabled it to see if I don’t need it any longer, maybe I should.
config system auto-script edit "restart_wad" set interval 43200 set repeat 360 set start auto set script "diag test app wad 99" next end
I like the hyperbole and all, but can you at least include the critical information? Literally just patch:
The flaw impacts the following FortiOS versions:
- FortiOS version 7.2.0 through 7.2.3
- FortiOS version 7.0.0 through 7.0.10
- FortiProxy version 7.2.0 through 7.2.2
- FortiProxy version 7.0.0 through 7.0.9
For those unfamiliar, anyone who is patching is already good. The previous two patches fixed this issue, and you should already be patched past this point to mitigate the June 9.8.
LOL! Remind me again how proprietary hardware and software is more secure than open source? Insecurity through obscurity.
It’s not, but that’s not to say that open source software is any more secure just by virtue of being open source. Software needs auditing either way.