From april at onenet.net Mon Nov 30 12:39:42 2020 From: april at onenet.net (Goode, April) Date: Mon, 30 Nov 2020 18:39:42 +0000 Subject: [CoIT-Security] Fortinet FortiOS System File Leak In-Reply-To: <2039ba70dc16437eb0e1b0207c0a0f0f@osrhe.edu> References: <16930302.91652@ncas.us-cert.gov> <2039ba70dc16437eb0e1b0207c0a0f0f@osrhe.edu> Message-ID: <521627ec933c489586f7279a9aa543b9@onenet.net> CoIT Security List Members, Please see this message about Fortinet devices from Chris Kosciuk. Thanks, April Goode, MBA, SPP [cid:image001.png at 01D6C715.DF6B2530] Director of OneNet Strategic Planning and Communications Oklahoma State Regents for Higher Education 405.225.9251 april at onenet.net From: Kosciuk, Chris Sent: Monday, November 30, 2020 12:10 PM To: Goode, April Cc: Royal, Von ; Burkhart, Brian ; Pettett, Sky Subject: Fw: Fortinet FortiOS System File Leak Anyone using Fortinet devices especially for SSL VPN, please ensure you are on updated firmware. https://www.fortiguard.com/psirt/FG-IR-18-384 CK ________________________________ From: US-CERT > Sent: Friday, November 27, 2020 10:18 AM To: Kosciuk, Chris Subject: Fortinet FortiOS System File Leak [Cybersecurity and Infrastructure Security Agency (CISA) - Defend Today, Secure Tomorrow] You are subscribed to National Cyber Awareness System Current Activity for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available. Fortinet FortiOS System File Leak 11/27/2020 11:00 AM EST Original release date: November 27, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE 2018-13379. Exploitation of this vulnerability may allow an unauthenticated attacker to access FortiOS system files. Potentially affected devices may be located in the United States. Fortinet has released a security advisory to highlight mitigation of this vulnerability. CISA encourages users and administrators to review the advisory and apply the necessary updates immediately. Additionally, CISA recommends Fortinet users conduct a thorough review of logs on any connected networks to detect any additional threat actor activity. This product is provided subject to this Notification and this Privacy & Use policy. Having trouble viewing this message? View it as a webpage. You are subscribed to updates from the Cybersecurity and Infrastructure Security Agency (CISA) Manage Subscriptions | Privacy Policy | Help Connect with CISA: Facebook | Twitter | Instagram | LinkedIn | YouTube ________________________________ This email was sent to ckosciuk at osrhe.edu using GovDelivery Communications Cloud, on behalf of: Cybersecurity and Infrastructure Security Agency * 707 17th St, Suite 4000 * Denver, CO 80202 [GovDelivery logo] -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image001.png Type: image/png Size: 7537 bytes Desc: image001.png URL: