Remote Code Execution vulnerability in Fortinet SSL VPN service
CVE-2022-42475: Fortinet published an advisory on an actively exploited remote code execution vulnerability affecting FortiOS via the SSL VPN service.
Fortinet is aware of at least one case where this vulnerability has been successfully exploited, although other unknown cases may certainly exist.
The vulnerability is exploited to deploy malicious files on the file system of affected devices.
Moreover, as seen in a recent campaign affecting Fortinet appliances (CVE-2022-40684), attackers can execute remote code in Fortinet appliances to achieve any of the following objectives:
- Opening and downloading the device configuration file
  - This includes, but is not limited to, cleartext rules, policies, filtering, usernames, routing configurations and encrypted passwords (encrypted via the private encryption key).
- Creating privileged administrator accounts
- Uploading and running scripts
Potential for widespread exploitation
According to CISA's Known Exploited Vulnerabilities Catalog, threat actors have historically used similar Fortinet vulnerabilities to gain initial access and move laterally within an organisation's environment.
We therefore also assume that hackers will continue to actively exploit this vulnerability in the short term to gain access to sensitive information, such as the device configuration file.
This is due to the ease of exploitation, the potential for payload and execution, and the prevalence of affected Fortinet devices within enterprise environments.
Take action
This is a major vulnerability that should be addressed immediately.
Given the impact of the update process and the possible complexity of other measures, we are currently contacting customers to agree on who performs the upgrade(s) and when.
Please note: if possible, perform the upgrades in a test environment first.
Update FortiOS
| Product | Impacted Versions | Fixed Versions |
|---|---|---|
| FortiOS | v7.2.0 to v7.2.2 | v7.2.3 or above |
| FortiOS | v7.0.0 to v7.0.8 | v7.0.9 or above |
| FortiOS | v6.4.0 to v6.4.10 | v6.4.11 or above |
| FortiOS | v6.2.0 to v6.2.11 | v6.2.12 or above |
| FortiOS-6K7K | v7.0.0 to v7.0.7 | v7.0.8 or above |
| FortiOS-6K7K | v6.4.0 to v6.4.9 | v6.4.10 or above |
| FortiOS-6K7K | v6.2.0 to v6.2.11 | v6.2.12 or above |
| FortiOS-6K7K | v6.0.0 to v6.0.14 | v6.0.15 or above |
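
To triage a device inventory against the version table above, a check along these lines can be used. This is an added example, not code from Fortinet or from the original page; the function names, hostnames and inventory entries are constructed for illustration. Branches the table does not list are reported as "unlisted" rather than assumed safe.

```python
import re

# Transcribed from the advisory table: (major, minor) -> last impacted patch level.
# Every impacted range starts at x.y.0, so the first fixed release is last + 1.
AFFECTED = {
    "FortiOS": {(7, 2): 2, (7, 0): 8, (6, 4): 10, (6, 2): 11},
    "FortiOS-6K7K": {(7, 0): 7, (6, 4): 9, (6, 2): 11, (6, 0): 14},
}

VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)")


def triage(product, version_string):
    """Return (status, detail); status is 'affected', 'fixed' or 'unlisted'."""
    match = VERSION_RE.search(version_string)
    if product not in AFFECTED or match is None:
        return ("unlisted", "product or version cannot be matched to the table")
    major, minor, patch = (int(part) for part in match.groups())
    last_impacted = AFFECTED[product].get((major, minor))
    if last_impacted is None:
        # The table says nothing about this branch; do not report it as safe.
        return ("unlisted", f"branch {major}.{minor} is not in the table")
    fixed = f"v{major}.{minor}.{last_impacted + 1}"
    if patch <= last_impacted:
        return ("affected", f"upgrade to {fixed} or above")
    return ("fixed", f"at or above {fixed}")


# Constructed sample inventory (hypothetical hostnames): (host, product, version).
INVENTORY = [
    ("fw-hq", "FortiOS", "v7.0.8"),
    ("fw-branch", "FortiOS", "v7.2.3"),
    ("fw-dc", "FortiOS-6K7K", "v7.0.8"),  # same version, different product line
    ("fw-lab", "FortiOS", "v6.0.14"),     # branch not listed for FortiOS
]


def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(product, ver) for host, product, ver in inventory}


if __name__ == "__main__":
    for host, (status, detail) in report(INVENTORY).items():
        print(f"{host:10} {status:9} {detail}")
```

Note that v7.0.8 is impacted on FortiOS but is the first fixed release on FortiOS-6K7K, so the product line has to be part of the inventory record.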
Workaround
Disable the SSL-VPN
Need help?
Contact us as soon as possible so we can fix this vulnerability for you. You can reach us by e-mail at support@vanroey.be or by phone: 014 470 600. You can also create a ticket.
Can't create tickets? Ask here to get an account. If our engineer needs to remotely control your PC, he or she will ask you to run this software.