Old Fortinet Flaws are being used to breach federal and commercial networks - RedSeal

Old Fortinet Flaws are being used to breach federal and commercial networks

/by


RedSeal Cyber Threat Series            

The Federal Bureau of investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that 3 Fortinet CVEs (CVE 2018-13379, CVE-2020-12812, and CVE-2019-5591) are being leveraged to gain a foothold in government agency and commercial networks to be exploited in the future. The FBI and CISA observed attackers scanning for ports 4443, 8443, and 10443.

Enterprises should immediately patch their FortiOS software and follow the recommended configuration guidance.

RedSeal customers should:

  1. Run a custom best practice check to receive a list of vulnerable devices
  2. Create and run daily reports until all affected systems are patched.

For additional details, contact your RedSeal sales representatives or email info@redseal.net

References:

https://www.ic3.gov/Media/News/2021/210402.pdf

https://www.fortiguard.com/psirt/FG-IR-19-283

https://www.fortiguard.com/psirt/FG-IR-18-384

https://www.fortiguard.com/psirt/FG-IR-19-037

https://kb.fortinet.com/kb/documentLink.do?externalID=FD49410

 

 

Get the latest news, invites to events, and threat alerts

CONTACT US
RedSeal Japan
Distinguished Vendor badge 2025

16 Strategies To Prevent Your Team Members From Adopting ‘Shadow IT’What You Need to Know About CMMC Certification
Footer
Connect on LinkedIn