In early September, nearly 500,000 login names and passwords that were allegedly scraped from vulnerable Fortinet VPN devices were leaked. 98% of the IP addresses in the leaked files are verified to be running Fortinet VPN servers within the past 12 months.
The exposed credentials could allow attackers to perform ransomware by accessing an exposed network, exfiltrating the data, and installing malware.
If you use Fortinet VPN with the directory traversal vulnerability [CVE-2018-13379], then you are at risk of ransomware and/or data leak.
Visit the Fortinet Resource Center.