Passwords exposed for almost 50,000 vulnerable Fortinet VPNs

SeriousHoax

SeriousHoax

Level 49
Thread author
Verified
Top Poster
Well-known
Mar 16, 2019
3,862
Content source
https://www.bleepingcomputer.com/news/security/passwords-exposed-for-almost-50-000-vulnerable-fortinet-vpns/
A hacker has now leaked the credentials for almost 50,000 vulnerable Fortinet VPNs.


Over the weekend a hacker had posted a list of one-line exploits for CVE-2018-13379 to steal VPN credentials from these devices, as reported by BleepingComputer.


Present on the list of vulnerable targets are IPs belonging to high street banks, telecoms, and government organizations from around the world.


Leaked files expose usernames, passwords, unmasked IPs​


The exploitation of critical FortiOS vulnerability CVE-2018-13379 lets an attacker access the sensitive "sslvpn_websession" files from Fortinet VPNs.


These files contain session-related information, but most importantly, may reveal plain text usernames and passwords of Fortinet VPN users.


Today, threat intelligence analyst Bank_Security has found another thread on the hacker forum where a threat actor shared a data dump containing "sslvpn_websession" files for every IP that had been on the list.


As observed by BleepingComputer, these files reveal usernames, passwords, access levels (e.g. "full-access"), and the original unmasked IP addresses of users connected to the VPNs.
Click to expand...
Read the full article here
 
  • Like
  • Wow
  • Sad
Reactions: Protomartyr, Venustus, Dave Russo and 8 others
Solarquest

Solarquest

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
"Present on the list of vulnerable targets are IPs belonging to high street banks, telecoms, and government organizations from around the world."
....
...
...
"The security of our customers is our first priority. In May 2019 Fortinet issued a PSIRT advisory regarding an SSL vulnerability that was resolved, and have also communicated directly with customers and again via corporate blog posts in August 2019 and July 2020 strongly recommending an upgrade," a Fortinet spokesperson told BleepingComputer.
....

Even after one year,.......incredible....any (legal) consequences for the affected companies and organizations?
 
  • Like
  • Wow
  • Applause
Reactions: SeriousHoax, Protomartyr, Venustus and 5 others
You must log in or register to reply here.

Similar threads

Gandalf_The_Grey
    • Wow
    • Like
Security News Fortinet confirms data breach after hacker claims to steal 440GB of files
Replies
0
Views
1,376
Security News
Gandalf_The_Grey
Gandalf_The_Grey
vtqhtr413
    • Like
Attackers Crafted Custom Malware for Fortinet Zero-Day
Replies
1
Views
676
News Archive
Stopspying
Stopspying
LASER_oneXM
    • Like
    • Thanks
    • +Reputation
Hackers leak passwords for 500,000 Fortinet VPN accounts
Replies
1
Views
1,169
News Archive
MacDefender
M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top