Last update from 12.05.2021 at 09:40 Swiss local time: We have noticed an improvement in the situation. Some rare rating timeouts still show up from time to time, but the majority of requests are being answered correctly. Also the DNS servers are working as usual again.
We have noticed an increase of support requests regarding the FortiGuard DNS rating service (SDNS) today. Therefore we want to inform you about the following issue.
There seems to be a vulnerarbility in some FortiMail versions, that allow an unauthenticated remote attacker to access the system by requesting a password change. Please refer to the FortiGuard PSIRT article.
The problem here is not only the unauthorized access to the system, but also the change of the password of all configured administrative accounts. Also, the maintainer functionality to reset the administrator password over a serial console of the FortiMail is being disabled from the attacker.
FortiOS v6.2 has been released in March this year and we are still gaining experience with this version. In this article we would like to draw you attention to the protocol which is used for FortiGuard service communication. Up to v6.0 udp has been used, with 6.2 the default protocol has changed to https.