[CoIT-Security] Fortinet FortiOS System File Leak

Goode, April april at onenet.net
Mon Nov 30 12:39:42 CST 2020


CoIT Security List Members,

Please see this message about Fortinet devices from Chris Kosciuk.

Thanks,
April Goode, MBA, SPP

Director of OneNet Strategic Planning and Communications
Oklahoma State Regents for Higher Education
405.225.9251
april at onenet.net


From: Kosciuk, Chris
Sent: Monday, November 30, 2020 12:10 PM
To: Goode, April <april at onenet.net>
Cc: Royal, Von <von at onenet.net>; Burkhart, Brian <brian at onenet.net>; Pettett, Sky <spettett at onenet.net>
Subject: Fw: Fortinet FortiOS System File Leak


Anyone using Fortinet devices, especially for SSL VPN, please ensure you are on updated firmware.



https://www.fortiguard.com/psirt/FG-IR-18-384



CK

________________________________
From: US-CERT <US-CERT at ncas.us-cert.gov>
Sent: Friday, November 27, 2020 10:18 AM
To: Kosciuk, Chris
Subject: Fortinet FortiOS System File Leak


You are subscribed to National Cyber Awareness System Current Activity for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available.
Fortinet FortiOS System File Leak
11/27/2020 11:00 AM EST

Original release date: November 27, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) is aware of the possible exposure of passwords on Fortinet devices that are vulnerable to CVE-2018-13379. Exploitation of this vulnerability may allow an unauthenticated attacker to access FortiOS system files. Potentially affected devices may be located in the United States.

Fortinet has released a security advisory <https://www.fortiguard.com/psirt/FG-IR-18-384> to highlight mitigation of this vulnerability. CISA encourages users and administrators to review the advisory and apply the necessary updates immediately. Additionally, CISA recommends Fortinet users conduct a thorough review of logs on any connected networks to detect any additional threat actor activity.

This product is provided subject to this Notification and this Privacy & Use policy.
