FBI, CISA: APT Actors Exploiting Unpatched Fortinet Vulnerabilities

Health IT Security

Jessica Davis

Advanced persistent threat actors are actively exploiting unpatched vulnerabilities in Fortinet FortiOS platforms belonging to technology services, government agencies, and other private sector entities, according to a joint alert from the FBI and the Department of Homeland Security Cybersecurity and Infrastructure Security Agency.

The APT actors are targeting the flaws CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591, which were first disclosed in 2019. Successful exploits of the latest hacking campaign allow the attacker to gain a foothold onto the network for future cyberattacks.

CVE-2018-13379 is found in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7, and 5.4.6 to 5.4.12 platforms and is caused by an improper limitation of a pathname to a restricted directory, or path traversal, under the SSL Virtual Private Network (VPN) web portal.

Dig Deeper
DHS CISA Shares More Microsoft Exchange Vulnerability Guidance
Exchange Flaw Latest: 30K Servers Vulnerable, Daily Attacks Spike
APT Hackers Targeting Unpatched, On-Prem Microsoft Exchange Servers
A successful exploit of the flaw gives an attacker the ability to download system files through specially crafted HTTP resource requests. A previous CISA alert found...

Get the Morning Update

Thanks for subscribing!