Home News CISA Alerts About Path Traversal Vulnerability in Fortinet VPNs

CISA Alerts About Path Traversal Vulnerability in Fortinet VPNs

Fortinet VPNs Vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) is warning users about the potential password leaks on Fortinet devices. In an official notification, the agency stated that certain Fortinet VPN devices, located in the U.S., are vulnerable to a CVE 2018-13379 flaw. If exploited, the vulnerability could allow an attacker to illicitly access FortiOS system files.

Affected Products:

  • FortiOS 6.0 – 6.0.0 to 6.0.4
  • FortiOS 5.6 – 5.6.3 to 5.6.7
  • FortiOS 5.4 – 5.4.6 to 5.4.12

Fortinet also confirmed the vulnerability in a security advisory stating, “A path traversal vulnerability in the FortiOS SSL VPN web portal may allow an unauthenticated attacker to download FortiOS system files through specially crafted HTTP resource. If users fail to upgrade to the versions listed above, they can still mitigate it by enabling two-factor authentication for SSL VPN users. An attacker would then not be able to use stolen credentials to impersonate SSL VPN users.”

CISA has urged users and administrators to apply the necessary updates – FortiOS 5.4.13, 5.6.8, 6.0.5 or 6.2.0 immediately, to avoid potential online intrusions. It also recommended Fortinet users to conduct a review of logs on any connected networks to find any additional threat actor activity.

Update Before it’s Late

Recently, security researchers found a stack-based buffer overflow flaw in SonicWall Network Security Appliance (NSA) which could affect nearly 800,000 SonicWall VPNs across the globe, if left patched. According to the researcher Craig Young from Tripwire VERT, the vulnerability CVE-2020-5135 can be exploited by an unauthenticated HTTP request involving a custom protocol handler. The issue exists in the HTTP/HTTPS service, which is used for product management and for SSL VPN remote access. Read the full story here…