VPLS Discovers Fortinet Vulnerability CVE-2021-41019

VPLS has discovered and responsibly disclosed a new Fortinet FortiGate firewall vulnerability which has been assigned the Common Vulnerabilities and Exposures (CVE) number CVE-2021-41019.

At a technical level, the vulnerability is an improper validation of the LDAP server's certificate by the web GUI of FortiOS, the operating system that FortiGate firewalls run. Certificate validation is what stops a client from being talked into a TLS session with an impostor, so a firewall that skips it can be made to connect to a server an attacker controls and hand over sensitive information, such as user credentials. VPLS is credited with the discovery and responsible disclosure in Fortinet's official PSIRT advisory FG-IR-21-074, released on November 2nd, 2021.

Impact, Risk, and Recommendations

This vulnerability affects FortiGates running FortiOS 7.0.1 and below, 6.4.6 and below, or 6.2.9 and below. Fortinet has scored it 3.5 out of 10 under the Common Vulnerability Scoring System version 3.1 (CVSSv3.1), which corresponds to a Severity rating of Low.

Even at a Severity rating of Low, the fix is quick: a firmware upgrade. We recommend upgrading to a release in which the vulnerability has been fixed, which means 7.0.2 or above, 6.4.7 or above, or 6.2.10 or above.

We also urge you to review CVE-2019-5591 and its associated Fortinet PSIRT advisory FG-IR-19-037. That vulnerability made the list of top exploited vulnerabilities in 2021 and is closely related to the one we discovered: it, too, concerns a FortiGate failing to verify the identity of the LDAP server it connects to. The important difference is that upgrading the firmware alone does not resolve CVE-2019-5591! A configuration change on the firewall must also be performed (per the advisory, each LDAP server entry must have its server identity check enabled), and this critical step is one many organizations overlook.
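Both points above, the firmware version that fixes CVE-2021-41019 and the LDAP configuration step that CVE-2019-5591 requires on top of the upgrade, can be checked offline against a FortiGate configuration backup. The script below is an added example written for this post, not a VPLS or Fortinet tool. It assumes the backup's first line carries the usual `#config-version=<model>-<x.y.z>-FW-build...` header, that the LDAP hardening setting is the `server-identity-check` option under `config user ldap` named in FG-IR-19-037, and that the backup omits settings left at their default value (so an entry that does not mention the option is reported for review rather than assumed safe, because the default has differed across releases). The configuration text embedded in it is constructed for the example, not a real customer's.

```python
import re

# First fixed FortiOS release per branch, from advisory FG-IR-21-074:
# (major, minor) -> patch level at which CVE-2021-41019 is resolved.
FIXED = {(7, 0): 2, (6, 4): 7, (6, 2): 10}

# Constructed sample of a FortiOS configuration backup (not a real device's config).
# It runs a vulnerable 6.4.6 and has two LDAP server entries, one hardened and one not.
SAMPLE_CONFIG = """\
#config-version=FGT60E-6.4.6-FW-build1879-210520:opmode=0:vdom=0:user=admin
config system global
    set hostname "fw-edge-01"
end
config user ldap
    edit "corp-ad"
        set server "dc01.corp.example"
        set cnid "sAMAccountName"
        set dn "dc=corp,dc=example"
        set type regular
        set username "cn=fortigate-bind,ou=svc,dc=corp,dc=example"
        set password ENC XXXX
        set secure ldaps
        set ca-cert "CA_Cert_1"
        set port 636
    next
    edit "legacy-ldap"
        set server "10.0.0.5"
        set cnid "uid"
        set dn "dc=legacy,dc=example"
        set type regular
        set username "cn=admin,dc=legacy,dc=example"
        set password ENC YYYY
        set secure starttls
        set server-identity-check enable
    next
end
"""


def parse_version(config_text):
    """Extract (major, minor, patch) from the #config-version header, or None."""
    m = re.search(r"^#config-version=\S*?-(\d+)\.(\d+)\.(\d+)-FW-build",
                  config_text, re.MULTILINE)
    return tuple(int(x) for x in m.groups()) if m else None


def version_is_patched(version):
    """True/False for branches the advisory covers; None for newer branches it does not."""
    major, minor, patch = version
    branch = (major, minor)
    if branch in FIXED:
        return patch >= FIXED[branch]
    if branch < (6, 2):
        return False   # older than 6.2.9: inside "6.2.9 and below"
    return None        # branch released after the advisory (e.g. 7.2): not assessed here


def parse_ldap_servers(config_text):
    """Return {entry_name: {setting: value}} for 'config user ldap'.

    Minimal parser: it only follows the config/edit/next/end nesting of a backup.
    """
    servers, current, in_section = {}, None, False
    for raw in config_text.splitlines():
        line = raw.strip()
        if line == "config user ldap":
            in_section = True
            continue
        if not in_section:
            continue
        if line == "end":
            break
        if line.startswith("edit "):
            current = line[5:].strip().strip('"')
            servers[current] = {}
        elif line == "next":
            current = None
        elif line.startswith("set ") and current is not None:
            key, _, value = line[4:].partition(" ")
            servers[current][key] = value.strip().strip('"')
    return servers


def audit_ldap(servers):
    """List (entry_name, reason) for entries that do not verify the LDAP server's identity."""
    findings = []
    for name, settings in servers.items():
        if settings.get("secure", "disable") == "disable":
            findings.append((name, "plaintext LDAP: bind credentials cross the wire unencrypted"))
        elif settings.get("server-identity-check") != "enable":
            # Assumption: defaults are omitted from the backup, so 'absent' means 'unverified'.
            findings.append((name, "TLS without explicit server-identity-check enable: review"))
    return findings


def audit_config(config_text):
    """Combine the firmware check (CVE-2021-41019) and the LDAP check (CVE-2019-5591)."""
    version = parse_version(config_text)
    return {
        "version": version,
        "cve_2021_41019_patched": version_is_patched(version) if version else None,
        "ldap_findings": audit_ldap(parse_ldap_servers(config_text)),
    }


if __name__ == "__main__":
    report = audit_config(SAMPLE_CONFIG)
    v = report["version"]
    print("FortiOS version:", ".".join(map(str, v)) if v else "not found")
    print("CVE-2021-41019 patched:", report["cve_2021_41019_patched"])
    for name, reason in report["ldap_findings"]:
        print(f"LDAP entry {name!r}: {reason}")
```

On the sample the report says the firmware (6.4.6) is not patched and flags only `corp-ad`, which uses LDAPS but never enables the identity check; `legacy-ldap` passes. Run it against a real backup (`execute backup config` or the GUI export) by replacing the sample text, and treat a "review" finding as a prompt to confirm the setting on the device rather than as proof of exposure.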

A Testament to Our Commitment to Security

As a Fortinet Expert Partner and MSSP, we provide many Managed Security Services built around Fortinet products, as do many other MSPs and MSSPs. What sets VPLS apart is that our services are delivered by a team with a deep commitment to securing our customers' organizations, and discovering and responsibly disclosing a new vulnerability in the very products that power those services is a testament to that commitment and dedication.

If you’d like to learn more about mitigating this vulnerability, or you want to talk about the security services we offer, including managed services and professional services, then please reach out to us. We are always here to help.

John Headley