UPDATE (09/10/21): According to this report, nearly 500,000 Fortinet VPN login names and passwords have been leaked, scraped from nearly 13,000 exploitable Fortinet VPN devices last summer.
Yesterday, Fortinet confirmed that a malicious actor has disclosed VPN login credentials associated with 87,000 FortiGate SSL-VPN devices.
"These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor's scan. While they may have since been patched, if the passwords were not reset, they remain vulnerable," the company said in a statement on Wednesday.
NWG recommends anyone using a FortiGate SSL VPN appliance to perform the following actions:
For NWG Managed Security Customers that have their FortiGate SSL VPN device managed by NWG, your device was upgraded to protect against this vulnerability in 2019. No further action is needed as a result of this event. That said, be on the lookout for unexpected 2FA requests. If users are getting 2FA prompts that they aren’t initiating, it is suggested that you reset their password.
NetWorks Group is an Ethical Hacking and Managed Security Services Provider (MSSP) with practices in Offensive Security, Defensive Security, and Compliance. Founded in 1997, we have over 20 years of experience delivering services that improve security outcomes. Our services are designed to provide you with a clear risk-informed understanding of your security, so that you can invest where it matters. Our unique approach to security not only helps you stay ahead of cyber criminals but also helps you reduce cost and increase efficiency.
Security news, tips, webinars, and more straight to your inbox.