From detection to protection: KYND alerts organisations exposed to Fortinet’s zero-day vulnerability

Introduction

KYND’s cyber risk management monitoring was able to identify organisations that were potentially exposed to a critical vulnerability that has emerged this week in Fortinet's cyber security products FortiOS and FortiProxy.

This Zero-day vulnerability, known as CVE-2023-27997, poses a significant risk that potentially allows hackers to gain full control over its users’ systems and compromise their sensitive data.

What is a Zero-day Vulnerability?

Zero-day vulnerabilities are essentially software exploits that are unknown to the vendor or developers until they are discovered and exploited by a 3rd party. They're like hidden landmines in the cyber landscape, ready to detonate at any moment. Since they're unknown to the vendors or developers, they can be very dangerous until patches or remediation are made available to protect against them.

Exploit Details and Potential Impact for Businesses

CVE-2023-27997 may sound like a mouthful of gobbledygook, however it’s the name of a critical vulnerability that has been classified as high risk. This critical vulnerability arises from a flaw in the way Fortigate FortiOS and FortiProxy processes specific file requests. What this means is that attackers can leverage carefully crafted requests to exploit this vulnerability, granting them the ability to execute arbitrary code on compromised systems. If exploited, it could pave the way for targeted attacks, allowing cyber criminals to infiltrate systems. The implications are far-reaching, including the potential for unauthorised access, data exfiltration, and the installation of malicious software. To mitigate these risks, it's essential that organisations take immediate action as early as possible.

Fortinet's Swift Response and Security Updates

Fortinet have acted swiftly in response to this vulnerability. They have released updated firmware for their products that specifically target this vulnerability. The patched versions include FortiProxy 7.0.10 and 7.2.4; FortiOS versions 7.0.12 and 7.2.5. By promptly applying these security updates, any organisation can significantly reduce the risk of exploitation. (See Fortinet's recommended actions here)

KYND's Vigilance and how we keep our partners and customers one step ahead

At KYND, we are constantly vigilant for new high-risk and zero-day vulnerabilities, and we prioritise open and transparent communication. We have been monitoring the exposure to this Fortinet vulnerability across all of KYND’s insurance, financial services and direct clients and any organisations that are potentially impacted have been alerted.

Conclusion

In this fast-paced and ever-changing technological landscape, where cyber threats continue to evolve, KYND stands at the forefront, dedicated to protecting our clients against this threat. We understand the urgency and potential impact of the Fortinet Zero-day vulnerability (CVE-2023-27997), and rest assured, we are taking proactive steps to reduce our clients risk exposure. Thanks to our monitoring services, we have the ability to swiftly detect and analyse threats, enabling us to provide clients with the essential information and recommended actions necessary to limit the impact of these events.

Whether you’re an insurer, broker, investor or end user and would like more information on how KYND’s services can protect your business against these types of vulnerabilities, please don’t hesitate to get in touch with us at: info@kynd.io