Hackers are actively targeting FortiOS vulnerabilities, warn FBI and CISA
SHARE
The U.S. Federal Bureau of Investigation and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have released a joint cybersecurity advisory warning that hacking groups are actively targeting vulnerabilities in Fortinet Inc.’s FortiOS.
While not naming which hacking groups that are targeting the operating system, the April 2 advisory describes them as advanced persistent threat groups, hacking groups that are typically sponsored by nation-states.
The APTs are said to be scanning devices on ports 4443, 8443 and 10443 for three vulnerabilities: CVE-2018-13379, a vulnerability that allows an unauthenticated attacker to download system files through SSL VPN; CVE-2020-12812, also an improper authentication vulnerability in SSL VPN in FortiOS; and CVE-2019-5591, a default configuration vulnerability that allows an attacker to intercept sens