Experts Commenting On Hacker Posts Exploits For Over 49,000 Vulnerable Fortinet VPNs

By   ISBuzz Team
Writer , Information Security Buzz | Nov 24, 2020 03:15 am PST

It was reported today that a hacker has posted a list of one-line exploits to steal VPN credentials from almost 50,000 Fortinet VPN devices. Present on the list of vulnerable targets are domains belonging to high street banks and government organizations from around the world.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
David Kennefick
David Kennefick , Solutions Architect
November 24, 2020 11:16 am

This vulnerability has been a known issue for nearly two years now. The list that this hacker has posted is not exhaustive, there may be many more organisations that have the same issues that are not included in the exploit dump.

This year, ransomware has been rampant all over the globe, and this exploit is just another way for attackers to deliver their payloads. This is a one-line exploit, which means the attack is fairly simple to run, and any susceptible systems should be addressed, patched or taken offline immediately.

Organisation need to implement and enforce strong patching policies. This needs to be coupled with strong asset management so it is understood exactly what needs to be patched and where the technology resides.

Last edited 3 years ago by David Kennefick

Recent Posts

Would love your thoughts, please comment.x