FBI/CISA: APT Actors Are Targeting Three Fortinet...

FBI/CISA: APT Actors Are Targeting Three Fortinet Vulnerabilities

The Federal Bureau of Investigation (FBI) along with the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory about activity tied to advanced persistent threat (APT) actors. According to their advisory, FBI/CISA say they have observed an increase in scanning and enumerating publicly accessible Fortinet systems by these APT actors in preparation for future attacks. The agencies identified the following three Fortinet vulnerabilities being probed for by these threat actors:

The most severe of these three flaws is CVE-2018-13379, a pre-authentication arbitrary file read vulnerability in Fortinet’s Fortigate SSL VPN that has been a favorite amongst cybercriminals since it was disclosed in August 2019.

Additionally, Kaspersky’s ICS-CERT team recently published a report following an incident investigation they conducted for an industrial entity that was hit by a ransomware attack. According to the report, the Cring ransomware group used CVE-2018-13379 to gain initial access into the victim’s environment before deploying other tools that ultimately led to the Cring ransomware infection.

For more information about these vulnerabilities, including the availability of patches and Tenable product coverage, please visit our blog.

Cyber Exposure Alerts

Vulnerability Watch

Forum Discussion

FBI/CISA: APT Actors Are Targeting Three Fortinet...

Recent Discussions

Microsoft’s February 2026 Patch Tuesday Addresses 54 CVEs (CVE-2026-21510, CVE-2026-21513)

Frequently Asked Questions About Notepad++ Supply Chain Compromise

Ivanti Endpoint Manager Mobile Zero-Days Exploited (CVE-2026-1281, CVE-2026-1340)

Oracle January 2026 Critical Patch Update Addresses 158 CVEs

CVE-2025-64155: Exploit Code Released for Critical Fortinet FortiSIEM Vulnerability

Americas

Europe

Asia / Australia