If you are using Fortinet SSL VPN, attackers may be able to gain access to your private network, likely leading to a ransomware attack.
You should make certain that you are using an unaffected version of the Fortinet VPN, or upgrade to a fixed version as soon as possible. Because this vulnerability allows attackers to steal login credentials, we also recommend a global password change and that you enable two-factor authentication for all VPN users.
To see the list of affected versions and how to upgrade to a fixed version, visit the vendor’s support page.
For more information about this threat, CVE-2018-13379, read this article.
If you think you may be affected and have a question, please send an email to firstname.lastname@example.org.