The National Cryptologic Center warns of a critical vulnerability in some of Fortinet's products. This threat has been assigned the code CVE-2002-42475 and would involve a buffer overflow in FortiOS SSL-VPN. This could allow an unauthenticated attacker to remotely execute arbitrary code or commands via certain requests.
The affected resources are as follows:
6.2.0 through 6.2.11.
6.4.0 through 6.4.10
7.0.0 through 7.0.8
7.2.0 through 188.8.131.52
Fortinet FortiOS-6K7K versions:
6.0.0 through 6.0.14
6.2.0 through 6.2.11
6.4.0 through 6.4.9
7.0.0 through 7.0.7
Solution to the vulnerability
To combat this threat, Fortinet recommends upgrading to the following FortiOS versions: 7.2.3, 7.0.9, 6.4.11, 6.2.12 or higher and to the following FortiOS-6K7K versions: 7.0.8, 6.4.10, 6.2.12 and 6.0.15 or higher.
The purpose of these updates is to put an end to external attacks that can take control of computer systems, which is why having an authentication system that is capable of detecting these accesses is important.
Ironchip is able to create an identity for each user by location that is really secure and difficult to falsify. By certifying the identity of users based on device, biometrics and location, it can detect these external attacks and suppress them in time.