In a joint alert issued on April 2nd, the FBI and CISA warned that threat actors are actively scanning for Fortinet devices running vulnerable versions of FortiOS. FortiOS, in the past, has seen three (CVE-2018-13379, CVE-2020-12812, and CVE-2019-5591) significant vulnerabilities and all are being exploited currently. While it is currently not known who is performing the active scans, it is well known that APT groups have opportunistically taken advantage of these kinds of vulnerabilities to gain a foothold in many environments. Fortinet is strongly recommending that if clients are still using out-of-date devices, that they patch immediately.
By Anthony Zampino Introduction Leading up to the most recent Russian invasion of Ukraine in