- Who are we?
Strategic IT partner
Count on our expertise to accelerate your digitisation
- Maximum partnerships with A+ brands
- Mountains of experience in thousands of environments
- Unrivalled expertise in cybersecurity
- Up to 24/7 monitoring & support
- Core healthy business for +30 years
- +200 Certified employees with passion
- Sober, knowledgeable advice
- Unique puzzle of proven top solutions
From advice until installation, from support until complete relief.
We are ready! - Services
IT Analyses, Consulting, installations...
- General IT Analysis and InstallationsA new look at your environment by our specialists
- Applications (Dynamics 365 ERP/CRM, Microsoft 365, Copilot...)Work more efficiently (together) with Dynamics 365 & Microsoft 365, among others
- Cybersecurity AuditCertified experts uncover every vulnerability
- Wi-Fi SurveyDetect and fix jammers and hard-to-reach areas
- Licence Audit (Software Asset Management)Are all licences in order? You can often optimise and save a lot!
- Solutions
- Jobs
Join our team from Turnhout, Houthalen and/or Geel!
From advice until installation, from support until complete relief.
We are ready! - Events
Accelerate your digitalization.
Get an interactive tour of state-of-the art solutions. - Contact
- Customer Area
As a customer, you can manage support tickets, quotes and licences yourself.
Request access via business@vanroey.beNeed a login or request a quote? Contact us via internalsales@vanroey.be | 014 470 600
Remote Code Execution vulnerability in Fortinet SSL VPN service
Our support will regularly inform you of important events here.
CVE-2022-42475: Fortinet published an advisory on an actively exploited remote code execution vulnerability affecting FortiOS via the SSL VPN service.
Remote Code Execution vulnerability in Fortinet SSL VPN service
Fortinet is aware of at least one case where this vulnerability has been successfully exploited, although other unknown cases may certainly exist.
One exploits a vulnerability to deploy malicious files on the file system of affected devices.
Moreover, as seen in a recent campaign affecting Fortinet appliances (CVE-2022-40684), attackers can execute remote code in Fortinet appliances to achieve any of the following objectives:
- Opening and downloading the device configuration file
- This includes and is not exclusive to cleartext rules, policies, filtering, usernames, routing configurations and encrypted passwords (encrypted via the private encryption key).
- Creating privileged administrator accounts
- Uploading and running scripts
Potential for widespread exploitation
According to CISA's Known Exploited Vulnerabilities Catalog, threat actors have historically used similar Fortinet vulnerabilities to gain initial access and move laterally within an organisation's environment.
We therefore also assume that hackers will continue to actively exploit this vulnerability in the short term to gain access to sensitive information, such as the device configuration file.
This is thanks to the ease of exploitation, the potential for payload and execution and the prevalence of affected Fortinet devices within enterprise environments.
Take action
This is a major vulnerability that should be addressed immediately.
Given the impact of the update process or possible complexity of other measures, we are currently in the process of contacting customers to agree or who/when to perform the upgrade(s).
Please note, if possible, perform the upgrades in a test environment first
Update FortiOS
Product | Impacted Versions | Fixed Versions |
FortiOS | v7.2.0 to v7.2.2 v7.0.0 to v7.0.8 v6.4.0 to v6.4.10 v6.2.0 to v6.2.11 |
v7.2.3 or above v7.0.9 or above v6.4.11 or above v6.2.12 or above |
FortiOS-6K7K | v7.0.0 to v7.0.7 v6.4.0 to v6.4.9 v6.2.0 to v6.2.11 v6.0.0 to v6.0.14 |
v7.0.8 or above v6.4.10 or above v6.2.12 or above v6.0.15 or above |
Workaround
Disable the SSL-VPN
Need help?
Contact us as soon as possible to fix this leak for you. You can do this by mail at support@vanroey.be or count: 014 470 600. You can also have a create a ticket.
Can't create tickets? Ask here to get an account. If our Engineer needs to remotely control your PC, he or she will ask you to run this software .