After a recent Fortinet breach, it is critical to understand the approach your organization needs to take to remediate. A successful exploit could allow the attacker to access critical information.
Fortinet Breach
Summary – European companies’ Fortinet VPN devices have been targeted in more recent attacks. In the most recent attacks, a production site was taken down. The attacks happened in the first quarter of 2021.
Threat actors are scanning the internet for unpatched devices linked to CVE-2018-13379. This is an ongoing concern that has been previously reviewed by Fortinet. This vulnerability may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource requests. Fortinet is publishing a monthly vulnerability advisory summary with a focus on infrastructure patching.
Reference links