This is not the first time when hackers have leaked sensitive login credentials belonging to Fortinet products. Also, initiate an organization-wide password reset.
Fortinet vpn login upgrade#
To prevent further compromise, it is essential to disable all VPNs from Fortinet and upgrade your devices to FortiOS 5.4.13, 5.6.14, 6.0.11, or 6.2.8 and above. It emerged as one of the most exploited security flaws in 2020 and identified intelligence agencies in the UK, Australia, and the USA. About the VulnerabilityĬVE-2018-13379 is a path traversal vulnerability in the web portal of FortiOS SSL VPN that allows unauthorized people to read arbitrary system files such as session file that contains usernames and passwords in plaintext format. While they may have since been patched, if the passwords were not reset, they remain vulnerable,” Fortinet’s statement read. “These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor’s scan. For your information, back in April, federal agencies alerted the company about multiple security flaws in the company’s VPN that may allow unauthorized individuals to access user data.įortinet issued patches for the security flaws, but this didn’t prevent cybercriminals from accessing exclusive login credentials. Research reveals that the threat actor compromised such a large trove of data by exploiting a previously discovered vulnerability in Fortinet VPN. Previously Vulnerability Led to the Data Leak Metropolitan Police Department earlier in 2021 and raked in millions of dollars. This ransomware gang targeted and extorted the Washington D.C. On the other hand, Security firm Advanced Intel identified that Orange is a member of the Groove ransomware gang and has previously worked for another prominent ransomware collective known as Babuk. Plain-text Fortinet VPN login credentials (Image: )