Print - 【Vulnerability Alert】Fortinet Firewalls and Other Devices Are Subject to Credential Theft Attacks. Please Confirm and Apply Patches as Soon as Possible.

【Vulnerability Alert】Fortinet Firewalls and Other Devices Are Subject to Credential Theft Attacks. Please Confirm and Apply Patches as Soon as Possible.

publish date : 2026-06-22 update date : 2026-06-22

Source: Ministry of education information & communication security contingency platform

"" "" ""


Publication Number	TACERT-ANA-2026062208060808	Publication Time	2026-06-22 08:54:08
Incident Type	ANA-Vulnerability Alert	Discovery Time	2026-06-22 08:54:08
Impact Level	Low
[Subject] 【Vulnerability Alert】Fortinet Firewalls and Other Devices Are Subject to Credential Theft Attacks. Please Confirm and Apply Patches as Soon as Possible.
[Content] Forwarded from the National Institute of Cyber Security Security Advisory NISAC-400-202606-00000006 Researchers have discovered that attackers are conducting large-scale credential theft attacks targeting Fortinet firewalls, VPN devices, and other equipment, and are suspected of possessing account and password data for related devices, thereby cracking the protection measures of related devices on a large scale. Agencies are requested to use the following query tool to confirm whether their own devices have been disclosed, and to take improvement measures as soon as possible. Tool link: https://www.hudsonrock.com/fortinet Information Sharing Level: WHITE (the intelligence content is information that may be publicly disclosed)
[Affected Platform] All Fortinet devices
[Recommended Actions] Hide the management interface: Confirm as soon as possible whether the device management interface is exposed to the Internet, and remove the management interface from the public Internet. Only trusted IPs or access through a jump server/VPN should be allowed. Fully reset device passwords: Immediately change all administrator passwords for the management interfaces and VPNs of all Fortinet devices. Enable multi-factor authentication (MFA): It is recommended to enable multi-factor authentication for all remote access and administrator accounts. Force upgrade of the hashing algorithm: After upgrading FortiOS, require all administrators to log in to the firewall at least once. The system will automatically upgrade the password encryption method to the PBKDF2 algorithm, which is more difficult to crack.
[Reference] https://www.hudsonrock.com/fortinet

(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw

Organizer: Computer Center