If you are running a FortiGate VPN device, you may be at risk of a critical vulnerability that could allow attackers to access your network and data. Last month Fortinet released CVE-2023-27997, a critical vulnerability patch. According to recent articles, somewhere between 300-350 thousand devices exposed to the internet are still unpatched against this flaw, which was disclosed in June 2023. Could you be one of these vulnerable organizations?
This is just one example of the importance of vulnerability management for any organization. Cybersecurity vulnerabilities are inevitable; however, they can be mitigated by applying patches aimed at improving the security and functionality of the software. Patching is not only a good security practice but also a compliance requirement for many regulations and standards. Regular patching can also help you avoid data leaks and breaches, which can have serious consequences for your reputation, customer trust, legal liability, and bottom line. According to the 2023 Verizon Data Breach Investigations Report, vulnerability exploits were the second-highest method of initial access, after stolen credentials.
Most organizations have a process for Microsoft and other common application patching however, patching is not as simple for many other components of the enterprise. Patching requires a systematic and continuous process of identifying, evaluating, prioritizing, testing, deploying, and verifying patches across your entire network. This is a big ask for small IT Teams that are also responsible for a list of projects as well as keeping the lights on.
As the enterprise grows and changes, so do the blind spots for IT Teams. This could be anything from unknown user-installed applications to entire cloud environments that are outside the purview of IT. Understanding the network layout and the components connected to it is a critical step in finding blind spots in your network.
Below are just a few steps you can take to uncover the blind spots in your enterprise and increase our overall security posture.
- Conduct a comprehensive inventory and mapping of your assets, including devices, operating systems, applications, services, and dependencies. This can be a tedious task but worth the time and effort to better understand what needs to be protected.
- Schedule regular vulnerability scans and review the reports.
- Prioritize patches based on the severity of the vulnerability, the likelihood of exploitation, and the impact of patching. Create standard maintenance windows for lower severity patches and have an emergency patching protocol in place for critical zero-day patches.
The Fortinet vulnerability serves as a reminder of the importance of looking for blind spots within the environment and the importance of prioritizing vulnerability management.
Sign up for our weekly newsletter to get information like this delivered to your inbox. Sign up here.
Chad Robinson
CISO/VP of Advisory
References:
: 336,000 servers remain unpatched against critical Fortigate vulnerability | Ars Technica
: 340,000+ Fortinet firewalls wide open to flaw – report • The Register