FortiGate SSL VPN Vulnerability - CVE-2024-21762
Tuesday, February 13, 2024
Good Afternoon,
Customers should be advised that due to recently disclosed critical vulnerabilities within FortiOS, relating to SSL VPN, we have had to take the difficult decision to disable all SSL VPN tunnels across our FortiGates to protect all customers. Fortinet has provided a patched release that we are currently testing in our labs. As this is the third critical SSL VPN vulnerability recently, we are advising all customers to migrate to dial-in IPsec VPN instead, and will of course assist with this. Any customers that require assistance or if you are unsure if this affects your service please log a case with support through the usual methods.
We apologise for the short notice and any inconvenience this might cause but having considered the serious security risks we don’t see any other option.
Thanks for your understanding
Talk Straight Technical Department
