We recently discovered that a sophisticated entity gained access to technical data that enabled them to impersonate a server in an attempt to access customer systems. We took immediate action to contain and block the activity; implementing three layers of protection including automatic signature updates, manual signature updates and a comprehensive patch update to reduce potential residual risks.
Out of an abundance of caution, we are asking that all customers immediately apply the comprehensive patch update, which can be accessed at: https://fortiguard.com/psirt/FG-IR-19-144. It’s also worth noting that customers installing software and threat definition updates to FortiOS via manual downloads from https://support.fortinet.com will not be impacted by this potential issue.
Fortinet has notified appropriate federal authorities and launched a formal investigation with the assistance of a leading external forensics firm. While our investigation is still ongoing, there is no evidence to date that customers have been impacted but if that changes we will communicate with customers directly on any steps they need to take.
Our customers are our #1 priority. We have strengthened both our configurations and our practices to harden our systems and make our distribution architecture more agile against future such threats.
We greatly value your loyalty to Fortinet and appreciate your ongoing support.