Categories: US-Cert-Repository

FBI-CISA Joint Advisory on Exploitation of Fortinet FortiOS Vulnerabilities



Original release date: April 2, 2021

The Federal Bureau of Investigation (FBI) and CISA have released a Joint Cybersecurity Advisory (CSA) to warn users and administrators of the likelihood that advanced persistent threat (APT) actors are actively exploiting known Fortinet FortiOS vulnerabilities CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591. APT actors may use these vulnerabilities or other common exploitation techniques to gain initial access to multiple government, commercial, and technology services. Gaining initial access pre-positions the APT actors to conduct future attacks.

CISA encourages users and administrators to review Joint CSA AA21-092A: APT Actors Exploit Vulnerabilities to Gain Initial Access for Future Attacks and implement the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.



Source link

admin

Leave a Comment
Share
Published by
admin
5 years ago

Recent Posts

CISA Releases Four Industrial Control Systems Advisories

CISA released four Industrial Control Systems (ICS) Advisories on October 9, 2025. These advisories provide…

2 hours ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

1 day ago

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

2 days ago

CISA Releases Two Industrial Control Systems Advisories

CISA released two Industrial Control Systems (ICS) advisories on October 7, 2025. These advisories provide…

3 days ago

CISA Adds Seven Known Exploited Vulnerabilities to Catalog

CISA has added seven new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence…

4 days ago

CISA and UK NCSC Release Joint Guidance for Securing OT Systems

CISA, in collaboration with the Federal Bureau of Investigation, the United Kingdom’s National Cyber Security…

6 days ago

This website uses cookies.