Thursday 8 April 2021
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
Fortinet SSL VPN
What you need to know:
After the FBI and CISA’s joint advisory to warn of active APT scanning on CVE-2018-13379 early this week, attackers are now actively exploiting the path traversal vulnerability in the FortiOS SSL VPN web portal to deploy the new Cring Ransomware (also known as Crypt3r, Vjiszy1lo, Ghost, Phantom) to European industrial firms.
Actions to be taken:
Administrators of Internet exposed Fortigate SSL VPN Servers are advised to review and make sure they have the latest patches and updates.