Major VPN security bug still plagues several Government and bank websites
Update, update, update
In what’s equally sad and shocking, a hacker has posted an exploit that can be used to steal VPN credentials using a 2018 vulnerability that was publicly disclosed over a year ago.
It is reported that a series of one-line exploits can reveal authentication information from about 50,000 compromisable targets.
According to anonymous threat intelligence analyst Bank_Security, the list includes several banks, many .gov domains from around the world as well as thousands of companies.
Failed by red-tape
The flaw, tracked as CVE-2018-13379, is a path traversal vulnerability in the web portal of Fortinet's FortiOS SSL VPN devices.
Using a reportedly trivial exploit that involves crafting special HTTP requests, unauthenticated attackers can download the sslvpn_websession files, which contain login credentials, from Fortinet VPNs.
The simple mitigation for the vulnerability is to either disable the SSL-VPN service on FortiOS devices running an affected version, or to upgrade to a fixed release. Both options, it seems, are too much of an ask for the 49,577 targets, which reportedly include over four dozen banking, finance, and governmental organizations of repute.
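A defender-side check for the traversal pattern described above, added here as an example and not taken from the article or from Fortinet: it scans constructed web-access-log lines (placeholder request paths, not the published exploit URL) and flags requests whose percent-decoded target combines a `../` segment with the sslvpn_websession file name, reporting the response status and size so a responder can see whether the file was actually served.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in common log format. The hosts,
# timestamps and request paths are placeholders, not real Fortinet traffic.
SAMPLE_LOG = """\
203.0.113.10 - - [10/Nov/2020:10:01:02 +0000] "GET /remote/login HTTP/1.1" 200 5120
203.0.113.11 - - [10/Nov/2020:10:01:05 +0000] "GET /remote/portal?page=help HTTP/1.1" 200 2048
198.51.100.7 - - [10/Nov/2020:10:02:11 +0000] "GET /remote/portal?file=/../../../../sslvpn_websession HTTP/1.1" 200 65536
198.51.100.8 - - [10/Nov/2020:10:02:30 +0000] "GET /remote/portal?file=%2F..%2F..%2F..%2Fsslvpn_websession HTTP/1.1" 200 65536
198.51.100.9 - - [10/Nov/2020:10:03:00 +0000] "GET /remote/portal?file=..%252f..%252fsslvpn_websession HTTP/1.1" 404 1024
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+)'
)
TRAVERSAL_RE = re.compile(r"\.\.[/\\]")   # "../" or "..\" anywhere in the decoded target
SENSITIVE_FILE = "sslvpn_websession"       # the session file named in the advisory


def normalize(target: str) -> str:
    """Percent-decode repeatedly (bounded) so double-encoded ../ is caught, then lowercase."""
    prev, cur = None, target
    for _ in range(3):
        if cur == prev:
            break
        prev, cur = cur, unquote(cur)
    return cur.lower()


def is_traversal_attempt(target: str) -> bool:
    """True when the request path both traverses directories and names the session file."""
    norm = normalize(target)
    return bool(TRAVERSAL_RE.search(norm)) and SENSITIVE_FILE in norm


def scan_log(text: str) -> list:
    """Return one record per suspicious request; a 200 with a large body suggests the file was served."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m and is_traversal_attempt(m["target"]):
            hits.append({"ip": m["ip"], "status": int(m["status"]),
                         "size": int(m["size"]), "target": m["target"]})
    return hits


if __name__ == "__main__":
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ip']} status={hit['status']} bytes={hit['size']} {hit['target']}")
```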
“Unfortunately, companies have a very slow patching process or an uncontrolled perimeter of exposure on the internet, and for this reason, attackers are able to exploit these flaws to compromise companies in all sectors with relative simplicity,” shared the anonymous Bank_Security analyst, adding that attackers had been exploiting this vulnerability for a long time.
In fact, the same flaw was reportedly exploited by attackers to break into US government elections support systems last month.
Via: BleepingComputer
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.