Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cisaCISACISA:24BBE0D109CEB29CF9FC28CEA2AD0CFF
HistoryApr 02, 2021 - 12:00 a.m.

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities

2021-04-0200:00:00
us-cert.cisa.gov
769

EPSS

0.969

Percentile

99.7%

JSON

The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services. Gaining initial access pre-positions the APT actors to conduct future attacks.

CISA encourages users and administrators to review Joint CSA AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks and implement the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

Related

attackerkb 3
threatpost 10
ics 12
thn 22
nessus 5
cve 3
nvd 3
cvelist 3
rapid7blog 3
cisa_kev 3
prion 3
fortinet 4
exploitpack 2
packetstorm 2
checkpoint_advisories 1
nuclei 1
zdt 2
mmpc 4
dsquare 1
mssecure 4
kitploit 1
malwarebytes 4
exploitdb 2
hivepro 3
cisa 1
securelist 1
qualysblog 6
talosblog 2
attackerkb
attackerkb
CVE-2018-13379 Path Traversal in Fortinet FortiOS
2019-06-04 00:00:00
CVE-2019-5591
2020-08-14 00:00:00
CVE-2020-12812
2020-07-24 00:00:00
threatpost
threatpost
FBI: APTs Actively Exploiting Fortinet VPN Bugs
2021-04-02 19:56:57
Unpatched Fortinet Bug Allows Firewall Takeovers
2021-08-18 12:07:33
Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns
2021-11-17 17:04:01
ics
ics
Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities
2021-11-19 12:00:00
#StopRansomware: Play Ransomware
2023-12-18 12:00:00
Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations
2022-09-14 12:00:00
thn
thn
U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws
2021-11-17 15:44:00
Unpatched Remote Hacking Flaw Disclosed in Fortinet's FortiWeb WAF
2021-08-18 03:41:00
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
2023-12-19 05:42:00
nessus
nessus
Fortinet FortiOS < 6.0.10 / 6.2.x < 6.2.4 / 6.4.x < 6.4.1 Improper Authentication (FG-IR-19-283)
2020-10-02 00:00:00
Fortinet FortiGate < 6.2.1 Information Disclosure (FG-IR-19-037)
2019-08-12 00:00:00
Fortinet FortiOS SSL VPN Directory Traversal Vulnerability (FG-IR-18-384) (Direct Check)
2019-09-06 00:00:00
cve
cve
CVE-2020-12812
2020-07-24 23:15:12
CVE-2019-5591
2020-08-14 16:15:16
CVE-2018-13379
2019-06-04 21:29:00
nvd
nvd
CVE-2020-12812
2020-07-24 23:15:12
CVE-2019-5591
2020-08-14 16:15:16
CVE-2018-13379
2019-06-04 21:29:00
cvelist
cvelist
CVE-2019-5591
2020-08-14 15:28:25
CVE-2020-12812
2020-07-24 22:28:43
CVE-2018-13379
2019-06-04 20:18:08
rapid7blog
rapid7blog
Attackers Targeting Fortinet Devices and SAP Applications
2021-04-08 17:18:07
CVE-2022-40684: Remote Authentication Bypass Vulnerability in Fortinet Firewalls, Web Proxies
2022-10-07 16:24:42
Metasploit Wrap-Up
2021-03-05 17:20:43
cisa_kev
cisa_kev
Fortinet FortiOS Default Configuration Vulnerability
2021-11-03 00:00:00
Fortinet FortiOS SSL VPN Improper Authentication Vulnerability
2021-11-03 00:00:00
Fortinet FortiOS SSL VPN Path Traversal Vulnerability
2021-11-03 00:00:00
prion
prion
Default configuration
2020-08-14 16:15:00
Authentication flaw
2020-07-24 23:15:00
Path traversal
2019-06-04 21:29:00
fortinet
fortinet
Protect
2019-07-26 00:00:00
Protect
2020-07-13 00:00:00
Protect
2019-05-24 00:00:00
exploitpack
exploitpack
FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure
2019-08-19 00:00:00
FortiOS 5.6.3 - 5.6.7 FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)
2019-08-19 00:00:00
packetstorm
packetstorm
FortiOS 5.6.7 / 6.0.4 Credential Disclosure
2019-08-19 00:00:00
FortiOS 5.6.7 / 6.0.4 Credential Disclosure
2019-08-19 00:00:00
checkpoint_advisories
checkpoint_advisories
Fortinet FortiOS SSL VPN Directory Traversal (CVE-2018-13379)
2019-10-17 00:00:00
nuclei
nuclei
Fortinet FortiOS - Credentials Disclosure
2020-04-22 06:42:01
zdt
zdt
FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit (2)
2019-08-19 00:00:00
FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure Exploit
2019-08-19 00:00:00
mmpc
mmpc
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
2022-06-02 16:00:00
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
2021-11-16 16:00:08
Profiling DEV-0270: PHOSPHORUS’ ransomware operations
2022-09-07 21:00:00
dsquare
dsquare
Fortinet FortiGate SSL VPN File Disclosure
2019-08-17 00:00:00
mssecure
mssecure
Exposing POLONIUM activity and infrastructure targeting Israeli organizations
2022-06-02 16:00:00
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
2021-11-16 16:00:08
Profiling DEV-0270: PHOSPHORUS’ ransomware operations
2022-09-07 21:00:00
kitploit
kitploit
Fortiscan - A High Performance FortiGate SSL-VPN Vulnerability Scanning And Exploitation Tool
2020-11-30 11:30:00
malwarebytes
malwarebytes
500,000 Fortinet VPN credentials exposed: Turn off, patch, reset passwords
2021-09-09 15:37:43
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
2021-04-16 14:59:38
Atomic research institute breached via VPN vulnerability
2021-06-21 13:53:03
exploitdb
exploitdb
Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure (Metasploit)
2019-08-19 00:00:00
Fortinet FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure
2019-08-19 00:00:00
hivepro
hivepro
LockBit 2.0 Ransomware affiliates targeting Renowned Organizations
2022-03-15 10:07:18
Russian state-sponsored cyber actors targeting U.S. critical infrastructure
2022-02-18 12:20:35
Weekly Threat Digest: 14 – 20 March 2022
2022-03-23 04:17:40
cisa
cisa
NSA-CISA-FBI Joint Advisory on Russian SVR Targeting U.S. and Allied Networks
2021-04-15 00:00:00
securelist
securelist
Cyberthreats to financial organizations in 2022
2021-11-23 10:00:13
qualysblog
qualysblog
CISA Alert: Top Routinely Exploited Vulnerabilities
2021-07-29 00:20:27
Qualys Tackles 2022’s Top Routinely Exploited Cyber Vulnerabilities
2023-08-24 19:07:05
CISA Alert: Top 15 Routinely Exploited Vulnerabilities
2022-05-06 12:19:24
talosblog
talosblog
Inside the ransomware playbook: Analyzing attack chains and mapping common TTPs
2024-07-10 10:00:33
Microsoft patches 12 critical vulnerabilities, nine of which are in Layer 2 Tunneling Protocol
2023-10-11 11:48:18

EPSS

0.969

Percentile

99.7%

JSON
Related for CISA:24BBE0D109CEB29CF9FC28CEA2AD0CFF
attackerkb3threatpost10ics12thn22nessus5cve3nvd3cvelist3rapid7blog3cisa_kev3prion3fortinet4exploitpack2packetstorm2checkpoint_advisories1nuclei1zdt2mmpc4dsquare1mssecure4kitploit1malwarebytes4exploitdb2hivepro3cisa1securelist1qualysblog6talosblog2