News

A critical security flaw in Fortinet FortiOS SSL, which has been present for four years, has become one of the most frequently exploited vulnerabilities in 2022. Cybersecurity and intelligence agencies from the Five Eyes nations, comprising Australia, Canada, New Zealand, the U.K., and the U.S., have highlighted the concerning trend of cyber actors exploiting older software vulnerabilities rather than recently disclosed ones. The agencies noted that these actors specifically target unpatched, internet-facing systems.

The flaw in question, CVE-2018-13379, has been consistently weaponized by malicious actors and was one of the most exploited bugs in 2020 and 2021 as well. The authorities attribute this to organizations failing to apply timely patches, resulting in the vulnerability persisting for several years.

CVE-2018-13379 refers to a path traversal defect in the FortiOS SSL VPN web portal. Exploiting this flaw allows an unauthenticated attacker to download system files by sending specially crafted HTTP resource requests to the portal.

The U.K.’s National Cyber Security Centre (NCSC) emphasizes the importance of promptly applying security patches. Attackers tend to achieve the most success within the first two years of a vulnerability’s disclosure, as they can maximize their impact during this window. Timely patching significantly reduces the effectiveness of known vulnerabilities, forcing attackers to resort to more costly and time-consuming methods, such as developing zero-day exploits or conducting software supply chain operations.

To stay updated with our exclusive content, follow us on Twitter and LinkedIn.

The post Fortinet FortiOS SSL Vulnerability: A Persistent Exploited Flaw appeared first on satProviders.