Threat actors have extracted Fortinet usernames and passwords and shared them publicly, the network security provider confirmed.
Fortinet, a provider of network security solutions, confirmed that a malicious actor improperly disclosed the VPN login names and passwords associated with 87,000 FortiGate SSL-VPN devices.
“These credentials were obtained from systems that remained unpatched against CVE-2018-13379 at the time of the actor’s scan. While they may have since been patched, if the passwords were not reset, they remain vulnerable,” the company said in a statement.
“This incident is related to an old vulnerability resolved in May 2019. At that time, Fortinet issued a PSIRT advisory and communicated directly with customers,” it added.
In light of the breach, Fortinet advises businesses to disable all VPNs immediately, upgrade to FortiOS 5.4.13, 5.6.14, 6.0.11, or 6.2.8 and above, and perform an organization-wide password reset. Warning that “you may remain vulnerable post-upgrade if your users’ credentials were previously compromised.”
© Fourth Estate® — All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed.