BlackHat 2019 was interesting from a network-security engineer's perspective. Fortinet was a Platinum Plus Sponsor, so it was possible to attend live demos and see devices in action. Apart from that, there was also a presentation on attacking SSL VPNs. The targets were Pulse Secure and Fortinet SSL VPN. Vulnerabilities are:
The biggest issue is that the source code is available online and can be used by anyone, even script kiddies. Without deep IT knowledge, a novice can compromise an affected network.
- FortiOS 6.0.0 to 6.0.4
- FortiOS 5.6.0 to 5.6.8
- FortiOS 5.4.1 to 5.4.10
- SSL-VPN in both tunnel and portal mode
- Upgrade to FortiOS 5.4.11, 5.6.9, 6.0.5, 6.2.0 or above
If you are using SSL-VPN and are running an affected FortiOS version, please schedule upgrades immediately. I also recommend watching the video demo to see how easy it is to use that vulnerability against SSL-VPN.
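To turn the version list above into an upgrade schedule, the following added example (not from the original post or from Fortinet) checks a device inventory against the affected ranges and reports the fixed release for each branch. The inventory format, hostnames, build strings and status labels are assumptions made for illustration.

```python
import re

# Affected ranges and first fixed release per branch, as listed above.
# branch -> (lowest affected, highest affected, fixed release)
AFFECTED = {
    (6, 0): ((6, 0, 0), (6, 0, 4), "6.0.5"),
    (5, 6): ((5, 6, 0), (5, 6, 8), "5.6.9"),
    (5, 4): ((5, 4, 1), (5, 4, 10), "5.4.11"),
}
VERSION_RE = re.compile(r"(\d+)\.(\d+)\.(\d+)")

def parse_version(text):
    """Extract (major, minor, patch) as integers from e.g. 'v6.0.4,build0000'."""
    m = VERSION_RE.search(text)
    if not m:
        raise ValueError(f"no FortiOS version in {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(version_text, sslvpn_enabled):
    """Return (status, fixed_release) for one device."""
    ver = parse_version(version_text)
    entry = AFFECTED.get(ver[:2])
    # Integer tuples compare numerically, so 5.4.10 sorts after 5.4.9
    # (a plain string comparison would get this wrong).
    if entry is None or not (entry[0] <= ver <= entry[1]):
        return ("not-listed", None)  # outside the ranges listed on this page
    status = "upgrade-now" if sslvpn_enabled else "affected-sslvpn-off"
    return (status, entry[2])

def report(inventory):
    """Triage every device; devices with SSL-VPN enabled sort first."""
    order = {"upgrade-now": 0, "affected-sslvpn-off": 1, "not-listed": 2}
    rows = [(host, *triage(ver, vpn)) for host, ver, vpn in inventory]
    return sorted(rows, key=lambda r: (order[r[1]], r[0]))

# Constructed sample inventory: (hostname, version string, SSL-VPN enabled?)
SAMPLE = [
    ("fw-branch-01", "v5.4.10,build0000", True),
    ("fw-dc-01", "v6.0.5,build0000", True),
    ("fw-hq-01", "v6.0.4,build0000", True),
    ("fw-lab-01", "v5.6.8,build0000", False),
]

if __name__ == "__main__":
    for host, status, fixed in report(SAMPLE):
        print(f"{host:14} {status:20} {'-> ' + fixed if fixed else ''}")
```

A device reported as `affected-sslvpn-off` still runs an affected release and should be upgraded before SSL-VPN is ever enabled on it.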
- https://devco.re/blog/2019/08/09/attacking-ssl-vpn-part-2-breaking-the-Fortigate-ssl-vpn/ <-- short video demo included
- https://www.tenable.com/blog/cve-2018-13379-cve-2019-11510-fortigate-and-pulse-connect-secure-vulnerabilities-exploited-in <-- short video demo included