CISA, FBI Warn of Security Vulnerabilities of Fortinet Product
Friday, April 09, 2021 | Comments

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory warning of potential vulnerabilities in Fortinet’s FortiOS product.

The two agencies said that in March 2021, they observed advanced persistent threat (APT) actors (APT) exploring several common vulnerabilities and exposures.

“It is likely that the APT actors are scanning these vulnerabilities to gain access to multiple government, commercial and technology services networks,” the notice said. “APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS)attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements and disinformation campaigns.”

The agencies said that APT actors may be trying to use the CVEs to “gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks.”

The security advisory offered a list of mitigations for agencies to take in the case they use the equipment. Find the full advisory here.

Would you like to comment on this story? Find our comments system below.

Post a comment
Name: *
Email: *
Title: *
Comment: *


No Comments Submitted Yet

Be the first by using the form above to submit a comment!


June 2021

21 - 25
UTC Telecom and Technology Conference
Portland, Oregon

August 2021

15 - 18
APCO Conference and Expo
San Antonio, Texas

September 2021

27 - 30
International Wireless Communications Expo (IWCE) 2021
Las Vegas

November 2021

3 - 5
Critical Communications World 2021
Madrid, Spain

More Events >

Site Navigation