CISA, FBI Warn of Security Vulnerabilities of Fortinet Product
Friday, April 09, 2021 | Comments

The FBI and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory warning of potential vulnerabilities in Fortinet’s FortiOS product.

The two agencies said that in March 2021, they observed advanced persistent threat (APT) actors (APT) exploring several common vulnerabilities and exposures.

“It is likely that the APT actors are scanning these vulnerabilities to gain access to multiple government, commercial and technology services networks,” the notice said. “APT actors have historically exploited critical vulnerabilities to conduct distributed denial-of-service (DDoS)attacks, ransomware attacks, structured query language (SQL) injection attacks, spearphishing campaigns, website defacements and disinformation campaigns.”

The agencies said that APT actors may be trying to use the CVEs to “gain access to networks across multiple critical infrastructure sectors to gain access to key networks as pre-positioning for follow-on data exfiltration or data encryption attacks.”

The security advisory offered a list of mitigations for agencies to take in the case they use the equipment. Find the full advisory here.

Would you like to comment on this story? Find our comments system below.

Post a comment
Name: *
Email: *
Title: *
Comment: *


No Comments Submitted Yet

Be the first by using the form above to submit a comment!


August 2022

7 - 10
APCO Conference and Expo 2022
Anaheim, California

More Events >

Site Navigation