If you are using Fortinet SSL VPN, attackers may be able to gain access to your private network, likely leading to a ransomware attack. 

You should make certain that you are using an unaffected version of the Fortinet VPN, or upgrade to a fixed version as soon as possible. Because this vulnerability allows attackers to steal login credentials, we also recommend a global password change and that you enable two-factor authentication for all VPN users.

To see the list of affected versions and how to upgrade to a fixed version, visit the vendor’s support page

For more information about this threat, CVE-2018-13379, read this article


If you think you may be affected and have a question, please send an email to security@at-bay.com.

Did this answer your question?