FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities

  /     /     /  
Publicated : 23/11/2024   Category : security


FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities


A joint advisory warns admins of the likelihood of APT groups exploiting three vulnerabilities in the Fortinet FortiOS.



Editors Note: This story was updated on April 2 at 5:35 PM ET to include Fortinets statement.
The FBI and Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) today issued a joint advisory warning admins of active exploits targeting three vulnerabilities in Fortinet FortiOS.
In March 2021, the FBI and CISA observed advanced persistent threat (APT) attackers scanning devices on ports 4443, 8443, and 10443 for CVE-2018-13379 in FortiOS. They also noticed attackers scanning enumerated devices for CVE-2020-12812 and CVE-2019-5591. Officials believe attackers are attempting to access multiple government, commercial, and technology services networks.
The APT actors may be using any or all of these CVEs to gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks, the full advisory states. 
APT groups have historically exploited critical vulnerabilities to launch distributed denial-of-service attacks, ransomware campaigns, SQL injection attacks, spear-phishing campaigns, website defacements, and disinformation attacks, officials note. 
The FortiOS advisory arrives two days after CISA
issued further guidance
on its emergency directive regarding the Microsoft Exchange Server vulnerabilities patched last month. Its latest update instructs federal departments and agencies to run Microsofts new Test-ProxyLogon.script and Safety Scanner tool
to determine
whether they have been compromised.
Fortinet followed up on its release of a patch for CVE-2018-13379 with blog posts in
August 2019
and
July 2020
 to provide more details and warn customers of active attacks by APT 29. If customers have not done so, we urge them to immediately implement the upgrade and mitigations, Fortinet says in a statement on todays advisory. 
Read the
CISA advisory
for more information on the FortiOS exploits.

Last News

▸ Nigerian scammers now turning into mediocre malware pushers. ◂
Discovered: 23/12/2024
Category: security

▸ Beware EMV may not fully protect against skilled thieves. ◂
Discovered: 23/12/2024
Category: security

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities