Improper check for certificate revocation vulnerability
Certificates taken out of service could potentially be improperly re-used.
Fortinet has already taken steps to mitigate the risk. To be clear, however, pursuant to this CRITICAL-level alert, Fortinet strongly recommends that customers apply the customer-side mitigations identified under “Solutions” below.
FortiOS 6.0.5 and below
FortiOS 5.6.9 and below
FortiOS 5.4.11 and below
FortiOS 5.2.13 and below
FortiManager 6.0.5 and below
FortiManager 5.6.8 and below
FortiManager 5.4.6 and below
FortiAnalyzer 6.0.5 and below
FortiAnalyzer 5.6.8 and below
FortiAnalyzer 5.4.6 and below
NOTE: THE SEVERITY MEANS IT IS CRITICAL THAT CUSTOMERS IMMEDIATELY IMPLEMENT THE FIRMWARE UPDATE AND SIGNATURE UPDATE.
Fortinet is automatically implementing an IPS signature update for FortiOS to mitigate the risk and help protect customers.
In addition, it is strongly advised that customers apply the software update located at https://support.fortinet.com. The software should be updated manually, i.e., go to https://support.fortinet.com, download the appropriate firmware version, above, and install it on your device (via TFTP, USB drive, etc.).
If you need assistance, or if you have experienced anything that may be suspicious or any indicators of compromise, please contact customer service at https://support.fortinet.com.