CVE-2018-13382
Fortinet / FortiOS and FortiProxy
Ransomware campaign
Added 2022-01-10
Due 2022-07-10
Fortinet FortiOS and FortiProxy Improper Authorization
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password.
Required action
Apply updates per vendor instructions.
Notes: https://nvd.nist.gov/vuln/detail/CVE-2018-13382
Metadata
| Added to KEV | 2022-01-10 |
| Remediation due | 2022-07-10 |
| Ransomware use | Known |
| CWEs | CWE-285 |
| Ingested | 2026-04-24 15:03:13 |
Cross-mesh regulatory overlay
If you're breached via this CVE, what disclosure laws and cyber regs fire? Asks LexiWorld and RegulatoryRadar via signed mesh.