“These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor’s scan. While they may have since been patched, if the passwords were not reset, they remain vulnerable,” Fortinet’s statement read. About the VulnerabilityĬVE-2018-13379 is a path traversal vulnerability in the web portal of FortiOS SSL VPN that allows unauthorized people to read arbitrary system files such as session file that contains usernames and passwords in plaintext format. It emerged as one of the most exploited security flaws in 2020 and identified intelligence agencies in the UK, Australia, and the USA.
To prevent further compromise, it is essential to disable all VPNs from Fortinet and upgrade your devices to FortiOS 5.4.13, 5.6.14, 6.0.11, or 6.2.8 and above. Also, initiate an organization-wide password reset. This is not the first time when hackers have leaked sensitive login credentials belonging to Fortinet products.
0 kommentar(er)
