Affected Components: Network Component Fortigate
Scheduled Start: Feb. 11 2024 / 08:00 p.m.
Scheduled End: Feb. 11 2024 / 11: p.m.
State: Scheduled Maintainance
Description:
Urgent security update to Fortigate network component
(FortiOS - Out-of-bound Write in sslvpnd (RCE) (CVE-2024-21762))
Expected Impact:
About 1-2 short disconnections when the services are panning.
Customer Impact during the Maintenance:
Update 4:30 p.m.
After further evaluating options to mitigate or patch the disclosed vulnerabilities, we learned that patches were anounced but not yet available for download. We continue to monitor the situation closely and will act as soon as patches and upgrades are available.
Update Sunday Feb. 11 7:00 p.m.
After evaluating and testing the provided FortiOS Updates in our datacenter Lankwitzer Straße (BLA) we will be rolling out the patches today between 8 and 11 p.m. in our datacenters BKI and BLU. We have contacted affected customers separately. As the maintenance work affects our VPN routers, short outages of VPN connections are to be expected during the maintenance window mentioned.
Update Sunday Feb. 11 11:00 p.m. All instances of FortiOS in our datacenters have been updated to versions secure against CVE-2024-21762.