FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS.

Editors Note: This story was updated on April 2 at 5:35 PM ET to include Fortinets statement.
The FBI and Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins of active exploits targeting three vulnerabilities in Fortinet FortiOS.
In March 2021, the FBI and CISA observed advanced persistent threat (APT) attackers scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379 in FortiOS. They also noticed attackers scanning enumerated devices for CVE-2020-12812 and CVE-2019-5591. Officials believe attackers are attempting to access multiple government, commercial, and technology services networks.
The APT actors may be using any or all of these CVEs to gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks, the full advisory states.
APT groups have historically exploited critical vulnerabilities to launch distributed denial-of-service attacks, ransomware campaigns, SQL injection attacks, spear-phishing campaigns, website defacements, and disinformation attacks, officials note.
The FortiOS advisory arrives two days after CISA
issued further guidance
on its emergency directive regarding the Microsoft Exchange Server vulnerabilities patched last month. Its latest update instructs federal departments and agencies to run Microsofts new Test-ProxyLogon.script and Safety Scanner tool
to determine
whether they have been compromised.
Fortinet followed up on its release of a patch for CVE-2018-13379 with blog posts in
August 2019
and
July 2020
to provide more details and warn customers of active attacks by APT 29. If customers have not done so, we urge them to immediately implement the upgrade and mitigations, Fortinet says in a statement on todays advisory.
Read the
CISA advisory
for more information on the FortiOS exploits.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities