Reported widespread credential exposure affecting Fortinet Firewalls and VPN Gateways
The Australian Cyber Security Centre is aware of public reporting of a widespread malicious campaign against Fortinet Firewalls and VPN gateways, largely utilizing exposed credentials and credential-based attacks, leading to potential compromise and further credential exposure.
Leveraging these credentials could enable malicious actor’s remote access to the devices and connected networks, as well as allow changes to various settings, including security controls.