One of the world’s biggest security vendors had hidden backdoors in their products that would allow virtually anyone to take over the firewall.
Your firewall is the security appliance that is supposed to separate your secure internal network from the outside world. This bug/backdoor essentially lets anybody who would like to be in your network get in.
This hits East Tennessee hard for 3 major reasons:
- One of the biggest IT firms in the area standardized on this vendor’s firewalls years ago, and smaller IT shops followed
- The security required by firms that do business with DOE and ORNL means a lot of these firewalls are in place in and around Oak Ridge and Knoxville
- One of the area’s biggest retailers also standardized on these, with 100s believed to be in production
What you need to do — today!
If you’ve seen the images below in your office, server room or computer, call your IT firm — TODAY — and ask them if they’ve updated it to a version that no longer contains these bugs. Most IT firms are notorious for patching firewalls slowly, so things don’t break. But being behind on these patches means you are already broken.
This is a really big deal
It allows anyone, anywhere to reset any user’s password on the firewall.
Critical vulns in #FortiOS reversed & exploited by our colleagues @niph_ and @ramoliks – patch your #FortiOS asap and see the #bh2019 talk of @orange_8361 and @mehqq_ for details (tnx guys for the teaser that got us started) pic.twitter.com/TLLEbXKnJ4
— Code White GmbH (@codewhitesec) July 2, 2019