FBI & CISA Warn of Active Attacks on FortiOS Vulnerabilities
The FBI and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have issued a joint advisory warning administrators that APT groups are currently exploiting three different vulnerabilities that existing the Fortinet FortiOS. News of the active exploits was allegedly broken to the public just a few days ago after the agencies observed malicious APT attackers scanning devices on ports 4443, 8443, and 10443. Officials stated that it appeared the attackers were attempting to access multiple governments, commercial, and technology services networks.
According to the FBI and the Cybersecurity and Infrastructure Security Agency, the APT actors may be leveraging just one or all three of the vulnerabilities reported in FortiOS. The attackers are likely looking to gain access to sensitive information through key networks as an attempt to pre-position for further data exfiltration or attacks, according to the advisory.