ACSC critical alert for Fortinet Firewalls and VPN Gateways


Monday, 22 June, 2026

ACSC critical alert for Fortinet Firewalls and VPN Gateways

The Australian Cyber Security Centre (ACSC) has raised an alert that it is aware of public reporting of a widespread malicious campaign against Fortinet Firewalls and VPN gateways, largely utilising exposed credentials and credential-based attacks, leading to potential compromise and further credential exposure.

Leveraging these credentials could enable malicious actor’s remote access to the devices and connected networks, as well as allow changes to various settings, including security controls.

ACSC says the alert is relevant to all Australians and Australian organisations that utilise Fortinet devices. This alert is intended for a technical audience.

Mitigation advice

ASD’s ACSC advises all organisations that use Fortinet Firewall or VPN services to ensure the following:

  • Rotate credentials: all admin and VPN credentials should be rotated immediately.
  • Ensure devices are patched: to prevent attackers from exploiting existing vulnerabilities in older firmware.
  • Restrict management interface exposure: to reduce the attack surface of your Fortinet infrastructure, ensure firewall admin/management interfaces are not internet accessible unless necessary.
  • Enforce multi-factor authentication (MFA): for all external interfaces to minimise the impact of stolen credentials.
  • Ensure credentials are being stored with PBKDF2 hashing: to prevent the offline brute forcing of credentials. All admin accounts should be logged back into once devices are fully updated to force the encryption to change to PBKDF2.
  • Examine logging for malicious activity: review authentication logs, access logs, investigate abnormal logins or changes.

Where to get help

Organisations that have been impacted, suspect impact or require advice and assistance can contact the ACSC on 1300 CYBER1 (1300 292 371).

Image credit: iStock.com/CROCOTHERY

Originally published here.

Related News

APAC workers in need of phishing training: report

A report from workforce security company KnowBe4 indicates that 1 in 3 Australian employees is...

Critical vulnerabilities doubled in past year: report

Research published by Check Point indicates that critical vulnerabilities have doubled since last...

DigiCert launches Quantum Central tool

DigiCert's recently launched Quantum Central solution can help security and IT teams prepare...


  • All content Copyright © 2026 Westwick-Farrow Pty Ltd