Thousands of Fortinet device login credentials were linked

Cybersecurity solutions provider Fortinet has confirmed that a cybercriminal has made public the SSL-VPN login credentials associated with at least 87.000 FortiGate SSL-VPN devices via the RAMP forum.

The compromised credentials were obtained by not having the devices updated against the CVE-2018-13379 vulnerability at the time it was being exploited.

The manufacture insists that those affected should update their systems and then reset their user passwords to fix the vulnerability.

References:

08/09/2021 fortinet.com Malicious Actor Discloses FortiGate SSL-VPN Credentials
08/09/2021 bleepingcomputer.com Hackers leak passwords for 500,000 Fortinet VPN accounts
09/09/2021 thehackernews.com Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices
09/09/2021 unaaldia.hispasec.com Expuestas medio millón de cuentas VPN de Fortinet
10/09/2021 gist.github.com Fortinet Victim List - "Hackers leak passwords for 500,000 Fortinet VPN accounts"

Tags:

Corporate access

Thousands of Fortinet device login credentials were linked