The FBI recently issued a Flash Alert to Fortinet Fortigate users that Advanced Persistent Threat (APT) groups are continuing to exploit devices that have not been patched. Although Fortinet issued patches for these vulnerabilities in 2018, 2019, and 2020, many organizations have not applied the patches.

The exploitations are random, not against specific industries or sectors, and seem to be focused on just targeting unpatched devices. According to a Joint CISA and FBI alert issued in April 2021, the vulnerabilities could be used by threat actors to exfiltrate data, encrypt data, and stage for additional attacks.

Not patching vulnerabilities in software that is actively being used by your organization is giving threat actors easy access to valuable data, akin to not locking your door and allowing a burglar to enter and steal all your valuables. These are not new vulnerabilities nor are they new patches. Check with your IT professionals to confirm that these patches have been applied.

[View source.]