Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ok1
New Contributor II

FortiOS - heap-based buffer overflow in sslvpnd / plans for provide patches

Hi

 

I have a 200D with OS 6.0.10.
The solusions listed in the PSIRT Advisories do not include the 6.0 series.
Do you know if there are plans to provide them?

11 REPLIES 11
aahmadzada
Staff
Staff

FortiOS 6.0 is out of support since September 2022, so there will be no bug fixes and patches released for that version.

 

Ahmad

Ahmad
pgautam
Staff
Staff

Hi,

 

Unfortunately, FortiGate firewall 200D only supports FortiOS 6.0 which has reached EOL, so the only workaround is to disable the SSLVPN.

 

Regards,

Priyanka

Yurisk
Valued Contributor

FortiOS 6.0.15 was released on 22 of September 2022 - does it, by any chance include the fix of this CVE ?

I have a pair of 1500D which cannot be upgraded in the immediate future, but which did upgrade to 6.0.15

Thanks

Yuri https://yurisk.info/  blog: All things Fortinet, no ads.
Yuri https://yurisk.info/ blog: All things Fortinet, no ads.
Ok1
New Contributor II

Thanks all.
I will change from SSLVPN to IP-sec.

Ok1
New Contributor II

FYI, Advisory updated.

 

https://fortiguard.fortinet.com/psirt/FG-IR-22-398

Please upgrade to upcoming FortiOS version 6.0.16 or above

ede_pfau
Esteemed Contributor III

https://www.fortiguard.com/psirt/FG-IR-22-398 states that v6.0.16 is under way.


Ede

"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
aahmadzada
Staff
Staff

An update:
6.0.16 with the vulnerability fix should be released by the end of this week

Ahmad
pgautam
Staff
Staff

update:-

6.0.16 has been released. Please check the below release note:-

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/ec15f6fb-7c07-11ed-8e6d-fa163e...

 

Kindly follow the below upgrade path tool to go with the step-by-step upgrade

https://docs.fortinet.com/upgrade-tool

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Manual-firmware-upgrade-by-referring-upgra....

 

Regards

Priyanka

 

Ok1
New Contributor II

It's a malicious site.

Labels
Top Kudoed Authors