Fortigate is a Virtual Private Network (VPN) firewall product developed by Fortinet.
There’s vulnerability with the Fortigate VPN, that allows an external attacker to download system files via specially crafted HTTP resource requests without authentication [CVE-2018-13379].
Attackers are using this vulnerability to gain unauthorized access into corporate VPNs, where they can potentially download files containing passwords and other sensitive information from the VPN server.
There’s an estimated 30,000 hosts worldwide that are at risk.
Third Party Risk Management
Security Performance Management
Review your potential exposure by searching for “CVE-2018-13379” in your Patching Cadence findings.