Last updated on January 16, 2025 at 10:07 am
We’re aware of an authentication bypass vulnerability affecting ForitOS and FortiProxy.
Attackers are exploiting this vulnerability by sending a specially crafted request to the administrative interface of firewalls. All N4L-managed firewall administrative interfaces are not exposed to the internet, meaning an appropriate mitigation for this vulnerability is in place and no action is required for these schools.Â
However, if your school manages its own Fortinet firewall, we recommend upgrading to the versions found in this advisory. The affected versions are:
- FortiOS 7.0.0 – 7.0.16
- FortiProxy 7.2.0 – 7.2.12
- FortiProxy 7.0.0 – 7.0.19
You can find more information here.