CVE-2018-13374 Fortinet CVE debrief

Who should care

Organizations that run Fortinet FortiOS or FortiADC should treat this as a priority, especially teams responsible for internet-facing appliances, perimeter security, and incident response.

Technical summary

The supplied records identify CVE-2018-13374 as an improper access control vulnerability in Fortinet FortiOS and FortiADC. The CISA KEV entry confirms known exploitation and notes known ransomware campaign use. The only remediation guidance present in the supplied corpus is to apply updates per vendor instructions.

Defensive priority

Urgent / Immediate

Recommended defensive actions

• Inventory Fortinet FortiOS and FortiADC deployments to confirm whether any affected systems are present.
• Apply vendor updates per Fortinet instructions as soon as possible.
• Prioritize exposed or internet-facing devices for remediation.
• Review administrative and authentication activity on Fortinet devices for signs of suspicious access.
• Use the official Fortinet advisory referenced by CISA KEV to verify the correct fixed releases and remediation steps.

Evidence notes

This debrief is limited to the supplied CISA KEV metadata and the official CVE/NVD records included in the corpus. The KEV entry lists dateAdded as 2022-09-08, dueDate as 2022-09-29, requiredAction as 'Apply updates per vendor instructions,' and knownRansomwareCampaignUse as 'Known.' No CVSS score or severity was provided in the supplied record.

Official resources