Fortinet Devices Under Active Threat Due to Zero Day Vulnerability

Published October 25, 2024
Fortify Your Network Security
Sign up for a 2-week free trial and experience seamless remote access for easy setup and full control with Netmaker.

A critical zero-day vulnerability dubbed “FortiJump” has been disclosed in FortiManager software. Attackers have been actively exploiting it since at least June of this year, and it has the potential to fully compromise affected devices.

FortiManager is a platform that controls Fortinet security devices such as firewalls, switches, and access points. It provides tools for the configuration, management, updating, and monitoring of large networks.

Fortinet urges, “credentials of devices on all affected systems, such as passwords and user-sensitive data, of all managed devices, be urgently changed.” Additionally, access to the FortiManager administrator portal should be limited to approved and internal IP addresses, and unknown FortiGate devices should be blocked from connecting to FortiManager.

The vulnerability, CVE-2024-47575, is caused by a missing authentication issue in the FortiGate to FortiManager Protocol API. The severity of this issue is rated 9.8/10.

User information, configuration data, and credentials have been stolen from affected devices and could be used to move laterally and target the enterprise environment. The vulnerability also enables a remote attacker to execute arbitrary code, which, because of the application's management tools, could allow them to spread further across a network.

This vulnerability impacts FortiManager (and FortiManager Cloud) versions 6.x and 7.x. It also affects older FortiAnalyzer models.

Considering a switch away from Fortinet?

Like FortiManager, Netmaker gives you the power to manage networking across many devices and networks. Instead of relying on physical devices, Netmaker implements a virtual overlay approach, with peer-to-peer access controls, explicit authorization of every node, and traffic encryption using WireGuard's modern cryptography. With new zero-day vulnerabilities being discovered in enterprise networking products regularly, this approach can significantly enhance your security and decrease your attack surface in the face of such threats.

Enhancing Security with Netmaker's Virtual Networking Solution

Netmaker offers a compelling alternative to traditional network management solutions by utilizing a virtual overlay approach that enhances security and reduces vulnerabilities. Unlike hardware-based systems, Netmaker leverages WireGuard's state-of-the-art cryptography to ensure encrypted tunnels between devices. This peer-to-peer access control model requires explicit authorization for each node, significantly decreasing the likelihood of unauthorized access and lateral movement within your network. By eliminating reliance on physical devices, Netmaker reduces the attack surface and mitigates risks associated with zero-day vulnerabilities, such as those impacting FortiManager.

Deploying Netmaker is straightforward, with options for manual or advanced server installation on a single server, whether virtual or bare metal. It can be run inside containers using Docker or Kubernetes, providing flexibility and ease of integration into existing environments. The system's architecture ensures that network operations are performed with elevated privileges, allowing for the creation and management of secure, efficient networks. With Netmaker, organizations can confidently manage their networks while enhancing security measures against threats like FortiJump. To get started with Netmaker, you can sign up at Netmaker's website.
