Thousands of Fortinet device login credentials were linked

Cybersecurity solutions provider Fortinet has confirmed that a cybercriminal has made public the SSL-VPN login credentials associated with at least 87.000 FortiGate SSL-VPN devices via the RAMP forum.

The compromised credentials were obtained by not having the devices updated against the CVE-2018-13379 vulnerability at the time it was being exploited.

The manufacture insists that those affected should update their systems and then reset their user passwords to fix the vulnerability.